On Wed, 11 Nov 2020 17:01:21 +0100
On 11.11.20 15:41, RW wrote:
>Note that without a DKIM pass, SPF is easily spoofed in TxRep.
is it? how does that work then?
It's implicit in the next bit.
>DKIM reputations are identified by a combination of header from
>address and signing domain. SPF pass reputations are just identified
>by header address, without incorporating the envelope domain or
>requiring alignment.
On 11.11.20 19:06, RW wrote:
These two cases share the same "authenticated" primary reputation:
Return-path: c...@example.com
From: c...@example.com
Return-path: some...@somewhereelse.com
From: c...@example.com
The benefit of this could be substantial, particularly with
txrep_learn_bonus set. All you have to do is make sure the envelope
sender passes SPF.
To be honest I haven't verified this, but the code looks
straightforward. $signedby gets set to the tag DKIMDOMAIN or falls
back to the fixed string 'spf' for an SPF pass.
sorry, I'm not into txrep much for now.
Does it mean, that txrep correctly compares Return-Path (or any header that
is filled by envelope from), but incorrectly adds bonus to address in From:
header?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
WinError #98652: Operation completed successfully.
