This is a discussion on Re: Checking for SPF & DKIM Checks - SpamAssassin ; > > On 10.11.08 04:11, Byung-Hee HWANG wrote: > >> Well, i don't care. I accept the emails passed by DKIM, anyway.. > Matus UHLAR - fantomas wrote: > > so you intentionally create false negatives just because they are ...
> > On 10.11.08 04:11, Byung-Hee HWANG wrote:
> >> Well, i don't care. I accept the emails passed by DKIM, anyway..
> Matus UHLAR - fantomas wrote:
> > so you intentionally create false negatives just because they are DKIM
> > signed?
On 10.11.08 07:34, Byung-Hee HWANG wrote:
> My answer is "Yes" if i should say. Because of the spam case is the
> concern of the hosting, not DKIM. Yahoo and Google are trying for the
> such spam case.
> Let's get serious. If you had reading specs of RFC4408 and RFC4871, you
> know the role of both SPF and DKIM. Exactly both SPF and DKIM are tools
> for anti-pishing, not anti-spam (at here i defined the term "SPAM" as
> "UCE"). Sometimes we received the spam passed DKIM from Yahoo and
> Google. However. We have no way to stop the such spam in this time.
> Because stopping the such spam is not DKIM's scope.
I _know_ the scope of SPF and DKIM. They both don't say that mail is ham or
the spam, they only say if it's forged:
- if it's forged, it's likely to be spam.
That's why many people reject mail that (hardly) fails SPF (and maybe DKIM).
- if it's not forged, we do not know anything about it.
That's why the SPF_PASS and DKIM_VERIFIED scores are nearly zero by default.
Spammers use SPF, maybe they (will) use DKIM, but the last fact above makes
us safe not to trust any mail that passes SPF/DKIM checks.
What you are doing, is that you (as I repeat) intentionally make all
DKIM-signed spams pass, so spammers using DKIM will pass your system unless
they get ~50 points from other rules.
> So what we says "DKIM is bad" is wasting times for the spam passed DKIM
> from Yahoo and Google. As same step, we cannot say "SPF is bad". We need
> to talk more about this issue.
I have never said that DKIM or SPF is bad. I said that scores for them
passing are and should be (nearly) zero.
Giving them that big negative (well... low) score is just stupid.
I strongly advise you to remove that customisation and let other rules do
their job. Otherwise you'll get flooded by spammers who DKIM-sign their
Matus UHLAR - fantomas, firstname.lastname@example.org ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I feel like I'm diagonally parked in a parallel universe.