--On Friday, February 15, 2013 5:01 PM -0800 John Hardin
<jhar...@impsec.org> wrote:
On Fri, 15 Feb 2013, Quanah Gibson-Mount wrote:
Does anyone tweak the DKIM scores given by SA? There are plenty of
scenarios where DKIM has failed, yet SA does not give the email a
particularly high spam mark. 3 example test cases below. I guess I
was expecting SA would score DKIM failures more aggressively if there
are problems with the signing:
DKIM and SPF are anti-forgery tools, not anti-spam tools.
If you take a DKIM-signed email that is whitelisted because of
whitelist_auth and make a change that invalidates the signature, does it
still get whitelisted? If not, then SA is doing all that it can
reasonably be expected to do with the invalid signature.
DKIM or SPF pass or fail *by itself* is not useful as a spam sign. Taken
together with other factors (such as DKIM invalid + claims to be from
Wells Fargo) it's useful.
Ok, thanks. If any of our users ask, this is a good summary. :)
--Quanah
--
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
