I confess not having read up on Domain Keys.. I did get into SPF a little, but understand its flaws as well.
If a bad DK isn't bad, then how is this supposed to help spam? I mean, if the mere presence of some signature in the headers will increase the likelihood of an email being delivered (or at least help it NOT be tagged as spam), surely the spammers will pick up on this, and the whole benefit lost. Example: Spammer takes a legit message from a DK sender, replaces it with his spam, and blasts it out with the original DK headers. The message has obviously been altered, and contains spam. Would it not be right to reject this message, since it fails the DK check? Now if the DK verification were done on the input side to Mailman (that is, in the MTA), I can see a benefit. But even in that scenerio, unless Mailman is signing, I'd think removal of the DK headers would be the right thing to do. Bob _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-developers%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
