[lug] Tell us how

Sean Reifschneider jafo at tummy.com
Fri Feb 15 12:38:06 MST 2013

On 02/14/2013 12:30 PM, Zan Lynx wrote:
> Every real Yahoo email is signed with DomainKeys. Receiving email
> servers should be checking the signatures. If it doesn't match up it
> should go into spam quarantine automatically. From there a user can free

Regretfully, DomainKeys/DKIM doesn't provide a way to say "My domain uses
DKIM and e-mails from it which are not properly signed should be considered
suspicious".  It only provides a mechanism for saying "This message is a
message legitimately from my domain", you can't say anything about messages
that do not have a valid signature, as far as DKIM is concerned.

I had very high hopes for DKIM, but when I set about implementing it for my
mail servers I found this hole.  <mic drop>


More information about the LUG mailing list