[lug] Tell us how
Zan Lynx
zlynx at acm.org
Fri Feb 15 13:45:54 MST 2013
On Fri, 2013-02-15 at 12:38 -0700, Sean Reifschneider wrote:
> On 02/14/2013 12:30 PM, Zan Lynx wrote:
> > Every real Yahoo email is signed with DomainKeys. Receiving email
> > servers should be checking the signatures. If it doesn't match up it
> > should go into spam quarantine automatically. From there a user can free
>
> Regretfully, DomainKeys/DKIM doesn't provide a way to say "My domain uses
> DKIM and e-mails from it which are not properly signed should be considered
> suspicious". It only provides a mechanism for saying "This message is a
> message legitimately from my domain", you can't say anything about messages
> that do not have a valid signature, as far as DKIM is concerned.
>
> I had very high hopes for DKIM, but when I set about implementing it for my
> mail servers I found this hole. <mic drop>
Huh? There's a DNS record that describes the DKIM information for the
domain. If that exists then it is a DKIM domain.
--
Knowledge Is Power
Power Corrupts
Study Hard
Be Evil
More information about the LUG
mailing list