Sam, I see in the TODO file for 4.0 that adding SPF/CSV/Sender ID/DomainKeys/DKIM checking is ranked as a todo-later item. I don't care so much about CSV/SenderID/DomainKeys, but I'd like to see the others implemented sooner than later.
In particular, DKIM signatures are reportedly (2/08) being implemented at PayPal and eBay, and I'd expect other (large) financial institutions to be implementing it soon as well. I think it'd be great to have spamdyke rejecting invalid DKIM signatures. This isn't so much simply an anti-spam measure, but a solution to a very real security threat (identity theft). SPF checking is presently available in qmail-toaster, so that's not a high priority for me. However, I think it's more appropriately done by spamdyke than (a patched) qmail, so I'd like to see you do this as well. As far as DomainKeys goes, the qmail-toaster implementation of this, at least on the checking side, is somewhat broken, so it'd be nice to have, but I don't honestly think it's being used, as it's being pretty much replaced with DKIM. My guess is that CSV and SenderID are also not worth the trouble to implement. I hope that others will share their opinions on this as well. I could be wrong (again). ;) Thanks for the great work with spamdyke. -- -Eric 'shubes' _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
