On 10/18/2017 04:26 PM, Grant Taylor via Mailman-Users wrote: > On 10/18/2017 02:10 PM, Dimitri Maziuk wrote: > > Do I understand you correctly to mean to create the signature before > applying transport encoding? > >> Only, you can't do that on the MX, it has to be done on the client. > > Why can't you do it at the MX?
Because the very first $relayhost may apply transport encoding. You have to compute the hash before that happens. >> DKIM is designed to produce false positives. Which means DKIM-based >> tests will have low specificity >> (https://en.wikipedia.org/wiki/Sensitivity_and_specificity). > > My experience ~> opinion, save for mailing lists, differs. In fact, > most of the email that I receive passes DKIM. That does not contradict what I said. Low specificity means low probability of detection of "bad stuff". I.e. it doesn't mean much that most of it passes. > I don't think DKIM (or SPF or DMARC) have /anything/ to do with spam > detection. SPF is for envelope sender authorization. DKIM is for > message integrity. DMARC is for policy and reporting. None of that has > anything to do with spam detection / filtering. Ohkay, so what exactly am I the end user is supposed to need it for? -- Dimitri Maziuk Programmer/sysadmin BioMagResBank, UW-Madison -- http://www.bmrb.wisc.edu
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
