On Thu, Aug 29, 2024 at 09:58:19AM -0700, Mark Fletcher via mailop wrote:
> Hi All,
> Over the past couple of years, we've had several instances of the following
> behavior:
>
> - Someone controlling several Yahoo/Hotmail/Gmail accounts will sign them
> up to mailing lists. Each address will sign up for 1-3 lists, via email.
> These are all confirmed opt-in.
> - Months later, they will forward the messages they've received from these
> lists, unmodified, to many (seemingly) random people, all at once
How often can you reasonably rotate your DKIM signing keys (really
mint a new selector and key)?
If the original DKIM signature is no longer valid "months later", to
what extent might that solve your problem?
Of course not all receiving systems check DKIM/DMARC, but perhaps
ones you care about do?
> What I'm trying to understand is what they're hoping to accomplish. I
> suppose it could be a straight up harassment campaign against us or the
> people they're forwarding the emails to. But I'm wondering if it's
> something different. Are they trying to somehow increase sending reputation
> for their email addresses, to increase their own spam email deliverability
> (and if so, how would that work)? Or something else?
Perhaps indeed sending legitimate messages somehow helps the spammer's
IP reputation. Rotating keys every couple of weeks may help, perhaps
this may also require DMARC "p=reject".
--
Viktor.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
