Shawn Iverson skrev den 2022-11-14 21:14:
How do I stop this? paypal.com is in the default DKIM whitelist!
DKIM-Signature: v=1; a=rsa-sha256; d=paypal.com; s=pp-dkim1;
c=relaxed/relaxed;
q=dns/txt; i=@paypal.com; t=1668452569;
h=From:From:Subject:Date:To:MIME-Version:Content-Type;
bh=o8/9XRPNBSb6rQV6HcDwELycPOzUJqxucQ/nMDyby+o=;
b=r6hmfVu3PlK5UN/X+kDNdo8TkUbOkfVn6+tT3VtTr30ic5BMR9vuyrZED4ARPF74
eywsS4yJTH3S3EB0IBX5yao3SN0WFNR23EUszb8LWgSpL0lz4+ZGqAfbjWP6UvI8
2XVzbjiT2tDP2ONkvM5e9g06CuC1VH2Bte5+S/Qke61W8OaagNu8sIcu6MNfoUiO
b/esckpPfghQtqDs693+pxDtuk9SBrbf14qZ2ih9eVV/38dRdz5B22pq8Kfws9yZ
hjvQlCDfovONXEEf6+lD1rs9p0NvKEIeIK/BFxbUmShXAyL3/LlYVLELEwzQ/mnl
zoIwzGQJ9u8i005oZVUnJA==;
double From, missing message-id, potentely forged msgs can be reused
from a forgin standpoint
how to stop it ?, i can block dkim domains that makes pass on forged
content
problem with dmarc is not ditating aligment, it would stop forwarding
aswell
we all loose on forwarding emails
i give up for now :)
maybe hehe, need unmodifiede sample to help
to pmc members add funcs to test h= have minimal requered headers
signed, or as above double from, with header was later removed ?
