On 2021-07-16 at 03:12:38 UTC-0400 (Fri, 16 Jul 2021 17:12:38 +1000)
raf <post...@raf.org>
is rumored to have said:
On Wed, Jul 14, 2021 at 02:51:25PM +1000, raf <post...@raf.org> wrote:
On Tue, Jul 13, 2021 at 10:35:15PM -0400, Bill Cole
<postfixlists-070...@billmail.scconsult.com> wrote:
On 2021-07-13 at 21:18:46 UTC-0400 (Wed, 14 Jul 2021 11:18:46 +1000)
raf <post...@raf.org>
is rumored to have said:
I'm beginning to think that DKIM headers might be
getting added just to improve spam detection scores.
Perhaps I'm getting too cynical. :-)
That would not be very effective.
For example: in Apache SpamAssassin, the presence of a valid DKIM
signature
has a net zero score. If it is valid and aligns with both the
envelope
sender and the From header address, it can net only -0.2 in a
scoring system
with a standard spam threshold of 5.0. That's not quite a
meaningless
benefit, but it is not substantial.
It seems that there are corporate mail services that
operate differently (well, at least one).
According to this:
https://postmarkapp.com/blog/proof-dkim-and-senderid-improve-delivery
DKIM can mean the difference between mail being put in
the Junk folder or the Inbox (when there's a PDF
attachment).
Note that what mattered in that story wasn't merely a valid DKIM
signature, but a signature which aligned with the sender domain, applied
by an identifiable ESP who surely had a reputation of some sort with a
sophisticated filtering operation like Postini (now absorbed by Google.)
It might be to help services like
mailchimp. I've received mail From: gmail.com with a
mailchimpapp.net DKIM signing domain (so really sent by
mailchimp).
DKIM helps in conjunction with a reputation for the domain being signed
for and/or the generator of the signature. If you're Postmark or
MailChimp, your signature on behalf of a customer is more meaningful
than that of Joe Spammer by and for a domain that was created yesterday
and will be burned tomorrow. You can see this in SpamAssassin, where
there is a substantial bit of code and thought behind allowing users to
give specific senders of their choice a pass IF a message is
authenticated by DKIM or SPF.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
