Re: PayPal DomainKeys/DKIM whitelisting - update

2007-06-18 Thread SM 

Hi Mark,
At 11:18 18-06-2007, Mark Martinec wrote:

For completeness, here are my current rules to add few score
points to yahoo and gmail mail which fails verification:

header __L_ML1   Precedence =~ m{\b(list|bulk)\b}i


It's funny, I created similar rules a few weeks back. :-)  I'm still 
verifying how effects they are.


Regards,
-sm

PayPal DomainKeys/DKIM whitelisting - update

2007-06-18 Thread Mark Martinec 
With the PayPal transitioning its service for European customers
from UK to Luxemburg, it is beginning to use new sending address,
which may not be in people's whitelist, so here is my update
to facilitate legitimate PayPal mail reaching its customers
(I'm including ebay entries for good measure):

whitelist_from_dkim  [EMAIL PROTECTED]  paypal.com
whitelist_from_dkim  [EMAIL PROTECTED]
whitelist_from_dkim  [EMAIL PROTECTED]
whitelist_from_dkim  [EMAIL PROTECTED]
whitelist_from_dkim  [EMAIL PROTECTED]
whitelist_from_dkim  [EMAIL PROTECTED]

It seems their legitimate mail need a little help, because
Bayes sometimes confuses them with phishing, because DCC hits
on them, and because MIME_QP_LONG_LINE is firing.

Their DK signature verifies just fine with recent versions of
Mail::DKIM through a Mail::SpamAssassin::Plugin::DKIM plugin,
which needs to be enabled. Note that Plugin::DomainKeys is
not needed, the Plugin::DKIM can cope with both signature types
(with historic DomainKeys, and the DKIM (RFC 4871).

I'd welcome contributions/updates to the above list
of popular, genuine and well-intending sending domains
protecting their mail with DK or DKIM, perhaps eventually
evolving in some form of a reputation list.



For completeness, here are my current rules to add few score
points to yahoo and gmail mail which fails verification:

header __L_ML1   Precedence =~ m{\b(list|bulk)\b}i
header __L_ML2   exists:List-Id
header __L_ML3   exists:List-Post
header __L_ML4   exists:Mailing-List
header __L_HAS_SNDR  exists:Sender
meta   __L_VIA_ML__L_ML1 || __L_ML2 || __L_ML3 || __L_ML4 || __L_HAS_SNDR
header __L_FROM_Y1   From:addr =~ [EMAIL PROTECTED]
header __L_FROM_Y2   From:addr =~ [EMAIL PROTECTED](ar|br|cn|hk|my|sg)$}i
header __L_FROM_Y3   From:addr =~ [EMAIL PROTECTED](id|in|jp|nz|uk)$}i
header __L_FROM_Y4   From:addr =~ [EMAIL 
PROTECTED](ca|de|dk|es|fr|gr|ie|it|pl|se)$}i
meta   __L_FROM_YAHOO __L_FROM_Y1 || __L_FROM_Y2 || __L_FROM_Y3 || __L_FROM_Y4
header __L_FROM_GMAIL From:addr =~ [EMAIL PROTECTED]
meta L_UNVERIFIED_YAHOO  !DKIM_VERIFIED && __L_FROM_YAHOO && !__L_VIA_ML
priority L_UNVERIFIED_YAHOO  500
scoreL_UNVERIFIED_YAHOO  2.5
meta L_UNVERIFIED_GMAIL  !DKIM_VERIFIED && __L_FROM_GMAIL && !__L_VIA_ML
priority L_UNVERIFIED_GMAIL  500
scoreL_UNVERIFIED_GMAIL  2.5

  Mark