Hi Mark,
At 07:59 12-09-2006, Mark Martinec wrote:
At the time of this writing it appears the dkim-milter is more reliable
and better maintained than dk-milter, which is slowly fading into
oblivion. Similar holds true in the world of Perl modules: there are
Both milters are being maintained and are similar in reliability.
dk-milter is not fading in oblivion as there are more domains signing
with DomainKeys than DKIM.
The following SpamAssassin rules (in local.cf) work fairly well, giving
verified mail a little bit of advantage and slightly favourize mail from
some popular domains, and encourage people to start signing their mail.
Possible signed spam can be counterbalanced by other measures (see below).
score DK_VERIFIED -1.5
score DK_POLICY_SIGNSOME 0
score DK_POLICY_TESTING 0
score DKIM_VERIFIED -1.5
Note that some spam is DK signed.
# DKIM and DK-based whitelisting may be used reliably:
score USER_IN_DKIM_WHITELIST -3.0
whitelist_from_dkim [EMAIL PROTECTED]
whitelist_from_dk [EMAIL PROTECTED]
This approach is better.
* both the dkim-milter 0.5.1 and the dk-milter 0.4.1 need a patch as
described in the Postfix documentation file MILTER_README. The
dkim-milter already supplies a required patch in its bug tracking
system under "[1537905] delayed queue ID"; which will be included in
the next release;
IIRC, the Workarounds section of the Postfix documentation file is
being read incorrectly. Dkim-milter and dk-milter do not require any patch.
Regards,
-sm
