On Wed, 12 Mar 2025, Bierhoff, Florian via mailop wrote:
Hello all,
Thanks for having me on the list. I'm working for German BSI and am
one of the persons behind our technical guidelines concerning mail
security.
In our guideline for mail authentication we require sending mail
servers to apply DKIM signatures using RSA (1024 or 2048 bit) and
ED25119.
I know that validating ED25119 signatures isn't as widespread as it
probably should be, but I have recently been informed that some
receiving mail servers may even downgrade a mails reputation in the
case of an existing valid ED25119 signature, if they don't have the
capabilities to validate the signature. This even happens if the
ED25119 signature is accompanied by a valid RSA signature.
Do you have any idea whether this downgrading is deliberate or just an
automated consequence of the spammers being better at using ED25119
signatures ?
--
Andrew C. Aitchison Kendal, UK
[email protected]
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
