On Mon, 26 Jul 2021 08:08:10 -0400 Greg Troxel wrote:
So -0.2 means that there are two dkim signatures, one for each, and
they are both valid.
On 26.07.21 18:05, RW wrote:
It could do, but usually it just means that the sender and author
domains are the same.
> BTW, looking at metas in 72_active.cf:
>
> meta XPRIO __XPRIO_MINFP && !DKIM_SIGNED &&
> !__DKIM_DEPENDABLE && !DKIM_VALID && !DKIM_VALID_AU &&
> !RCVD_IN_DNSWL_NONE meta XPRIO __XPRIO_MINFP &&
> !DKIM_SIGNED && !__DKIM_DEPENDABLE && !DKIM_VALID && !DKIM_VALID_AU
> && !RCVD_IN_DNSWL_NONE && !SPF_PASS
>
> !DKIM_VALID && !DKIM_VALID_AU is redundant and !DKIM_VALID_AU
> should be enough
I don't think so. These are negated.
if there's no valid signature, there can't be valid author domain
signature.
If there's valid author domain signature, there's surely at least valid
signature.
imho we should compare author domain signature, not any (random) signature.
"&& !DKIM_SIGNED " means the rule can only be true if there's no
signature, so none of the terms with __DKIM_DEPENDABLE, DKIM_VALID, and
DKIM_VALID_AU make any difference.
It's usually not a good idea to use DKIM_SIGNED because it relies on
the plugin, whereas __DKIM_EXISTS and the duplicate rule
__HAS_DKIM_SIGHD don't.
yes, more rules are kinda redundant here
!DKIM_SIGNED && !__DKIM_DEPENDABLE && !DKIM_VALID && !DKIM_VALID_AU
if message is not signed, then signature can't be valid or invalid. If any
of signatures is valid, the message is signed.
the !DKIM_SIGNED is useless here unless it's a performance optimization.
Is it?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Silvester Stallone: Father of the RISC concept.
