Gomes, Rich via Postfix-users: > Perhaps I should re-phrase: > > It was presented in our DMARC portal as "a new selector was > identified"
Anyone can send email with a fake DKIM-Signature: header that identifies a legitimate email sending domain with the 'd=' tag, and hat idebtifies a bogus selector with the 's=' tag. The path in DNS for the public key is constructed by simple concatenation: IN TXT $selector._domainkey.$domain. This was reported wuth a RUF report (DKIM signature check failed, new selector). This suggests that they don't have a matching public key in the DNS. Wietse _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org