>are you saying that BombRe will look at headers that ASSP ads
No, it looks only in to the original header.
>I'm still worried about fake/invalid DKIM still getting the bonus score,
Invalid DKIM signatures should be blocked or scored very high, so the
bonus score does not matter
Thomas
Von:
ah, wait, are you saying that BombRe will look at headers that ASSP ads,
like X-ASSP-DKIM-Identity (which would only be added for a valid
signature)? (!) I always assumed that the bomb functionality was
only on the mail's original headers.
On Mon, Nov 8, 2021 at 2:28 PM K Post wrote:
> Th
The bombHeaderRe with the DEFINE or list should be sufficient. I'm still
worried about fake/invalid DKIM still getting the bonus score, but this
will have to do. Thanks.
On Mon, Nov 8, 2021 at 12:01 PM Thomas Eckardt
wrote:
> I told you to score such domains elsewhere - just do it and the resu
I told you to score such domains elsewhere - just do it and the result is
the same like you wanted.
for example:
bombHeaderRe:
\nDKIM-Signature:(?:[ \t]*[^= \;]+=[^= \;]+\;(?:\r\n)?)+?[ \t]*([di]=\@?(
The_Wanted_IDENTITY))\;=>the_wanted_negative_score
currently the (?(DEFINE)...) is not wo
