On Wed, Jul 15, 2020 at 11:31 AM John Levine via mailop <mailop@mailop.org> wrote:
> In article <021c736c-4194-4339-9d22-72f7b0707...@as397444.net> you write: > >Ah, I didn’t know l= existed, thanks for that! Do most hosts treat l=0 as > DKIM-valid the same way as l=, or are they likely to > >ignore the DKIM signatures? > > It varies buy my impression is that there isn't a lot of mail with l=0 > signatures that the recipients actively want to receive. > I'd say since most people don't send mail with that, most spam filters are ignorant of the distinction as of yet. If any large enough domain started doing that, or especially if multiple of them did, then the spammers would find them and re-use the headers for a DKIM replay-like attack. If that attack was successful, then spam filters would be changed to likely discount the l=0 signatures in much the same way that they discount 512 bit dkim keys or overly wide SPF records. It's possible the existing rules dealing with the replay attacks would be successful against these attacks, in which case nothing will change... or will only at some providers, depending on how well they survived. Which is to say, you can get away with things up to a point, but hacks are hacks and can fail at inopportune times. Brandon
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop