I am aware of DKIM and DMARC and SPF. You wil note this email address
which I self host uses all three. As do all domains I run for email.
My question is is it useful?
- given so many lists even one dedicated to email management give "red"
unsigned flags
- that I get a ton of spam '/ phishing and such all beautifully signed
by DKIM even with DMARC etc. which not only get through that filtering
but also zen.spamhaus... etc
- given most email domains which do use DKIM don't use strict and in
most cases for good reasons.
It may help and that may be good enough for those tools. But clearly it
isn't a "solution". More a sticky plaster applied to do the job of a
tourniquet
C
On 24/07/2020 17:10, Robert L Mathews via mailop wrote:
On 7/24/20 2:51 AM, Christian de Larrinaga via mailop wrote:
All emails on this list are showing with red DKIM signed boxes
That's because this list alters the message From header and body without
re-signing it. (If the list re-signed outgoing Mailman messages with a
"mailop.org" DKIM signature, it would work.)
Is this useful?
Sure: It's saying you got a message claiming to be from
mailop@mailop.org that isn't signed by mailop.org, which is exactly what
it's supposed to do.
Whether one decides to trust something less based on that is a different
matter. For example, I care about the DKIM verifier result for messages
claiming to be from my bank, but I don't worry about it for list messages.
That said, if every MUA showed DKIM results, I suspect there would be a
lot more DKIM signing just based on the naive complaints it would
generate. Few people cared about making sure their non-financial website
used SSL until every browser started claiming it was "not secure".
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
