> -----Original Message----- > From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim- > boun...@mipassoc.org] On Behalf Of Scott Kitterman > Sent: Thursday, May 26, 2011 8:36 PM > To: ietf-dkim@mipassoc.org > Subject: Re: [ietf-dkim] MLMs and signatures again > > On Thursday, May 26, 2011 07:40:17 PM Murray S. Kucherawy wrote: > > > -----Original Message----- > > > From: ietf-dkim-boun...@mipassoc.org > > > [mailto:ietf-dkim-boun...@mipassoc.org] On Behalf Of MH Michael > Hammer > > > (5304) Sent: Thursday, May 26, 2011 4:15 PM > > > To: Scott Kitterman; ietf-dkim@mipassoc.org > > > Subject: Re: [ietf-dkim] MLMs and signatures again > > > > > > The other piece of the equation is how often do I see abusive mail > > > purporting to be from this domain with no signature while mail from > this > > > domain that is normally signed has no significant problems. > > > > I posted the results of some research on that very question earlier > this > > week: > > > > http://mipassoc.org/pipermail/ietf-dkim/2011q2/016656.html > > My experience is it varies a lot by domain. Some domains are phishing > targets > and some aren't. If it's not a phishing target DKIM doesn't matter > much > either way. If it is, then if they can manage to sign all their > outbound mail > signed/not signed gets to be useful. So I don't think looking at > global > status is a very useful basis for deciding the question. > > Scott K
Remember, it's not static, it's dynamic. What was a non-phished domain yesterday could be a phished domain today or tomorrow. DKIM isn't a magic bullet, it's one more tool in the toolbox. I've found that in combination with SPF it works very nicely on double fail and none/fail as far as catching badness with very little impact on legitimate mail. Mike _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html