Rick Moen writes:
> Quoting Jeroen Massar (jeroen at unfix.org):
>> > Note, that like SPF, it won't directly stop spam. It does take care
> > though that backscatter won't be possible anymore when a domain uses
> > DKIM. Unlike SPF it does not require intermediate domains to support it
> > (with SPF when one has a mailinglist or a forward address the domain
> > that does the relay has to do SRS for it to keep on working, thus
> > requiring remote parties to fix stuff because another party added SPF
> > records to their domain, which IMHO makes SPF broken by design as
> > forwarding/mailinglists is a very often used mechanism).
>> The above is incorrect as to mailing list managers = MLMs (e.g.,
> majordomo, Mailman, Sympa), because MLMs write new envelope headers
> on outgoing mail reflecting information specific to the MLM host.
>> SRS wrapping _is_ required, in an SPF environment, for /etc/alias,
> ~/.forward, and equivalent forwarding mechanisms, but not for mailing
Plus, many lists (such as this one) reformat and/or add to the message
body, causing Domain Keys or DKIM signatures to fail, indistinguishably
from a spammer attempting a replay attack.
Even some old sendmails will munge 8-bit MIME parts, breaking sigs, iirc.
As a result, it's worth noting that many of DKIM's proposed uses won't be
viable for a long time yet, at least until it becomes a well-recognised
standard and the maintainers of other systems take it into account;
just like SPF et al.
However, in the meantime, it (like SPF) serves as a good way of
*whitelisting* known senders.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!