On Tue, Jul 13, 2021 at 10:35:15PM -0400, Bill Cole <postfixlists-070...@billmail.scconsult.com> wrote:
> On 2021-07-13 at 21:18:46 UTC-0400 (Wed, 14 Jul 2021 11:18:46 +1000) > raf <post...@raf.org> > is rumored to have said: > > > I'm beginning to think that DKIM headers might be > > getting added just to improve spam detection scores. > > Perhaps I'm getting too cynical. :-) > > That would not be very effective. > > For example: in Apache SpamAssassin, the presence of a valid DKIM signature > has a net zero score. If it is valid and aligns with both the envelope > sender and the From header address, it can net only -0.2 in a scoring system > with a standard spam threshold of 5.0. That's not quite a meaningless > benefit, but it is not substantial. > > -- > Bill Cole > b...@scconsult.com or billc...@apache.org > (AKA @grumpybozo and many *@billmail.scconsult.com addresses) > Not Currently Available For Hire Thanks. That's good to know. I wonder why it was there, then. Could it really be to thwart a DMARC policy that only reports on SPF and DKIM both failing (which amazon.ca's does)? That can't work. My understanding is that for DMARC, the DKIM signing domain needs to match the sender domain (relaxed or strict). I really need to read the RFC. :-) Maybe it's just to fool human observers. That hardly seems worthwhile. I'm mystified. cheers, raf
