> i got a question , Domainkey is now unsupportet, Dkim is > supportet, and > Domainkey compat. > when i use this plugins with spamassassin, what are the main > differents > between using this plugin for checking sign on incoming > mails, and checking > it via a MTA (and domainkeys). > Normaly the Mta, then rejects the messages / or accept it depends on > settings, but with spamassassin it gets a score if sign or > not sign (false > sign) or didnt i understand it? > sorry for my poor english
Using DKIM in SpamAssassin not only scores a minor adjustment on the message, but allows you to whitelist certain people or domains more safely using whitelist_auth. If a messages comes in from example.com and is signed, using whitelist_auth [EMAIL PROTECTED] would whitelist the message. If a message comes from example.com and is not signed, the whitelist score isn't applied. That way if a spammer spoofs a domain to send spam, they aren't whitelisted just because you want to receive other real mail from example.com. The same logic applies to using SPF in SpamAssassin. HTH, Bret
