Russell Coker <[email protected]> wrote: > I use opendkim to check DKIM and also sign outbound messages. In almost all > cases the program that signs messages will also check messages - assuming you > use the same server for inbound and outbound mail. >
I'm using opendkim as well (in both directions, naturally). > I use the Debian package postfix-policyd-spf-perl for SPF checks. > Thanks - I'll look at it. > I think that SpamAssassin does SPF checks by default and you can also > configure > it to use DKIM check results to add to the score (if you don't want to just > reject mail that fails DKIM). > Another interesting option reviewed by lwn.net earlier in the year is rspamd - designed to be more modular than Spamassassin. It's on my list of tools to investigate. > Most mailing lists break SPF and DKIM so a reject will cause you some > problems > if you use many lists. > I do, but quarantine would have a similar effect (some of my mailing list posts would enter recipients' spam folders). > That's only if the header is modified for the mail to be "from" the list. > Doing that requires a recent version of Mailman (in this case Debian/Jessie > not Debian/Wheezy) and being willing to turn it on. I hope more mailing list administrators upgrade and enable such options. The combination of DKIM, SPF and DMARC has the potential to provide a much increased ability to discern legitimate messages and to deal with the remainder appropriately. _______________________________________________ luv-main mailing list [email protected] http://lists.luv.asn.au/listinfo/luv-main
