>are you saying that BombRe will look at headers that ASSP ads
No, it looks only in to the original header.
>I'm still worried about fake/invalid DKIM still getting the bonus score,
Invalid DKIM signatures should be blocked or scored very high, so the
bonus score does not matter
Thomas
ah, wait, are you saying that BombRe will look at headers that ASSP ads,
like X-ASSP-DKIM-Identity (which would only be added for a valid
signature)? (!) I always assumed that the bomb functionality was
only on the mail's original headers.
On Mon, Nov 8, 2021 at 2:28 PM K Post wrote:
>
The bombHeaderRe with the DEFINE or list should be sufficient. I'm still
worried about fake/invalid DKIM still getting the bonus score, but this
will have to do. Thanks.
On Mon, Nov 8, 2021 at 12:01 PM Thomas Eckardt
wrote:
> I told you to score such domains elsewhere - just do it and the
I told you to score such domains elsewhere - just do it and the result is
the same like you wanted.
for example:
bombHeaderRe:
\nDKIM-Signature:(?:[ \t]*[^= \;]+=[^= \;]+\;(?:\r\n)?)+?[ \t]*([di]=\@?(
The_Wanted_IDENTITY))\;=>the_wanted_negative_score
currently the (?(DEFINE)...) is not