On 05/25/2011 01:05 AM, Murray S. Kucherawy wrote:
> Interesting. I ran some queries on our data for ebay.com, paypal.com,
> chase.com and bankofamerica.com. In all cases, messages with failed
> signatures were never tagged by Spamassassin, and at most 7% (usually less)
> of unsigned mail where the From: field contained those domains was tagged.
> This seems to concur with the "most breakage is innocent" theory and also
> supports the notion that treating a broken signature as equal to no signature
> is almost always the right way to go.
>

Heuristic-based systems like SA are subject to the phases of the moon with respect to what they find valuable and for how long. If they find it useful to educe something from DKIM or lack thereof, more power to them. Heck, if they just used the signature header pattern to determine spam from ham for different senders, that would be cool too.

This is not in conflict with the statement that _cryptographically_ a broken signature is no different than a missing signature. SA and its ilk just don't operate on the plane of mathematical provables is all; nothing wrong with that.

Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html