[Mailman-Users] cause of bounces
gtaylor at tnetconsulting.net
Wed Oct 18 12:37:08 EDT 2017
On 10/18/2017 09:18 AM, Dimitri Maziuk wrote:
> Then you seem to misunderstand what crypto signatures actually do.
I believe I understand what the crypto signatures actually do.
We are each entitled to decide what to actually do based on the result
of the crypto signature (in)validity.
> If signature check fails, then the message is not what its author
> actually wrote. IRL it's mainly SorceForge and the like injecting its
> ads into signed parts, (and the real reason google is pushing https and
> dkim so hard is it's messing with their ad revenue,) but in principle if
> the check fails the message *content* is *invalid*. Whoever the author
> and whatever the content.
I believe I remember (but can't point to) something in the DKIM spec
that referenced the possibility that the DKIM signature could be broken
by things as benign as an MTA doing a content transfer encoding
conversion. - I have personally seen this.
As such, you can't be 100% positive that the message content's meaning /
copy has actually changed, just that something about the message has
changed. - Thus it is advised to only treat valid signatures as a good
thing and be cautious of treating invalid signatures as a bad thing.
I use DKIM validity as a signal that I then make decisions based on. -
Hence why I have chosen to alter spam score on my mail server based on
the DKIM result.
Grant. . . .
unix || die
More information about the Mailman-Users