SM, and others: > Both milters are being maintained and are similar in reliability. > dk-milter is not fading in oblivion as there are more domains signing > with DomainKeys than DKIM.
Usage of dk-milter may not be fading, but the interest in fixing standing bugs seems to be lost (contrary to dkim-milter, where MSK is there, willing to fix flaws - thanks Murray!). Three of my dk-milter bug reports (a month old) are about broken signatures, and nobody seems to care. Don't know how serious other older unresolved problem reports are. I can only conclude that, either it is not widely used, or people do not care if certain types of mail messages are incorrectly handled. An 'it works for me' attitude I guess. I'd be delighted if proven wrong! > | score DK_VERIFIED -1.5 > Note that some spam is DK signed. True, there is a paragraph about that by the end of my text. Nevertheless, I think it is worth giving a little global motivation for people to start signing their mail - both to spammers and to regular users alike. We may lose 1.5 score points to some spam (which may let through a few more marginal spam messages below the gate), but we gain a bit more information about spammer - is a mail was signed, we know the sender is a current owner of the domain, not just an anonymous controller of an army of spambots. This may bring more pressure to registrars to trim down domain kiting practices, and to bigISPs to better control their user base or risk being given few blacklist points. And the 1.5 points is not always a loss, in many cases it saves a legitimate message from being treated as false positive. It is easier to steer a river flow to where we want it to go, than to be shuffling water in few month's time. Or taken another analogy, in words of a flower (Antoine de Saint-Exupery): "Well, I must endure the presence of two or three caterpillars if I wish to become acquainted with the butterflies. It seems that they are very beautiful." > > * both the dkim-milter 0.5.1 and the dk-milter 0.4.1 need a patch as > > described in the Postfix documentation file MILTER_README. > IIRC, the Workarounds section of the Postfix documentation file is > being read incorrectly. Dkim-milter and dk-milter do not require any > patch. Well, the word 'needs' may be too strong, both milters work without the patch as well, but the log is ugly: without patch: dkim-filter[76335]: Sendmail DKIM Filter v0.5.1 starting ... dkim-filter[76335]: WARNING: sendmail symbol 'i' not available dkim-filter[76335]: (unknown-jobid): no signature data dkim-filter[76335]: (unknown-jobid): no signature data dkim-filter[76335]: (unknown-jobid): no signature data dkim-filter[76380]: (unknown-jobid): can't parse From: header dkim-filter[76335]: (unknown-jobid): no signature data with the patch (taken from its repository at SourceForge): dkim-filter[74857]: Sendmail DKIM Filter v0.5.1 starting ... dkim-filter[66366]: 11D2117B8F2: no signature data dkim-filter[66366]: 9748F17B8E8: no signature data dkim-filter[66366]: 5A9A017B8E1: no signature data Mark
