I've a couple security/spam questions for the more experienced. 1(a) A while back Gary <li...@lazygranch.com> noted the very useful http://dkimvalidator.com/ . It has the curious habit of simultaneously saying
Validating Signature result = pass Details: in the DKIM section and this sort of thing in the samassassin section: SpamAssassin Score: 0.201 Message is NOT marked as spam Points breakdown: 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid Is this normal or a point for worry? It did say "not spam". 1(b) I've noticed that my domain key record tends to get spaces inserted. I presume strings get concatenated and so this isn't a source of concern. But I've not found that documented. (I didn't read the RFC cover to cover, I admit.) I think that section 2.8 (whitespace) of RFC 6376 and the BNF that follows says that white space doesn't count. There are over 200 pages of RFC on DKIM (that I found before I got tired of looking). jeff@birdsong:~ $ host -t TXT mail._domainkey.p27.eu mail._domainkey.p27.eu descriptive text "v=DKIM1; h=sha256; k=rsa; s=email; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSJRsAihnsJklyYQvm59m0B6rOK+hwFtMWGGQtDPDTVtzU59Sa1DSK8sAlS0tGUb+kEd3" "onPUJBmLLr30R8KihfQP1iSB9MjGSjuOXKs8BX6/3i1hX8xCYJ/Pc6E6AvrnVqBr4SDZ5ID62VXfBP7UUrnemO2uMSYnexkHDWubPEJHb7vXTPi5ugRGeuuOg7XzIUayNN/fV+njs 774R09/XGvxb" "NkJSbhiQa6J0IHbc4cVLQc9Xc7uNSfG6u/LendXrctd3XgPtJz/xUK140VJJzsXebgfiH/SDFbxbiUXWlzktDfxiOQ6rOYVuTdBQgkoVSdzldx++qmwpUHefZG9wIDAQAB" jeff@birdsong:~ $ 2(a) I get lots of dmarc reports. After looking at a few, I started pushing them to a special dmarc mailbox where I don't have to see them. Is there any sense in which these are actionable ? Should I occasionally look at them or set a machine to look at them? Are there any easy ways to look at them, say a mutt viewer? (Detach, ungzip, and dmarc-cat doesn't scale.) Or automated tools? 2(b) Is there any general guidance for whether to set the policy to nothing, spam, or reject? 3. I'm finding that occasionally sites will stop delivering our mail. Sometimes they explain it (hotmail refusing to accept) and one can flag it. Other times (OVH recently) someone just stops seeing my mail at all. Some sites claim that ISPs block entire /24's, which strikes me as oddly indiscriminant post-1990 or so. Is this all normal? I sometimes think the world just wants small site operators to believe that they should be paying the big guys instead. ;-) -- Jeff Abrahamson +33 6 24 40 01 57 +44 7920 594 255 http://p27.eu/jeff/ http://mobilitains.fr/
