Justin Mason wrote:
> > That should not be a problem - if the message is re-signed, and the
> > resigner inserts his own Sender header field as it is supposed to do,
> > outer DK and DKIM signatures will succeed and the rule will not fire
>
> yeah -- in a perfect world, maybe ;)
How does one move
Justin Mason wrote:
>
> I'd prefer not to do this without some kind of DKIM reputation service up
> and running, so that we don't give bonuses to spammers who sign their
> mails. In our experience, spammers will quickly exploit any SpamAssassin
> bonuses available, and this would be pretty easy.
Mark Martinec writes:
> Thank you all for the feedback.
>
> > > FWIW, I've seen a few mails that had multiple DK signatures, apparently
> > > as the result of going through a DK signed mailing list when the original
> > > message had also been signed.
> >
> > yeah, I think if the list re-signs th
On Wednesday August 16 2006 01:47, Chris Stone wrote:
> On Wed, 2006-08-16 at 01:37 +0200, Mark Martinec wrote:
> > header __L_FROM_YAHOO From:addr =~ /@yahoo\.com$/i
> > header __L_FROM_GMAIL From:addr =~ /@gmail\.com$/i
>
> You should escape the @ signs in the expression: /[EMAIL PROTECTED]/i
Ye
On Wed, 2006-08-16 at 01:37 +0200, Mark Martinec wrote:
> header __L_FROM_YAHOO From:addr =~ /@yahoo\.com$/i
> header __L_FROM_GMAIL From:addr =~ /@gmail\.com$/i
You should escape the @ signs in the expression: /[EMAIL PROTECTED]/i
Chris
> -Original Message-
> From: Mark Martinec [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, August 15, 2006 7:38 PM
> To: users@spamassassin.apache.org
> Subject: Re: Rule for non-DK-signed mail from yahoo
> This is what I have now:
>
I get this on a lint with SA 3.13:
D
Thank you all for the feedback.
> > FWIW, I've seen a few mails that had multiple DK signatures, apparently
> > as the result of going through a DK signed mailing list when the original
> > message had also been signed.
>
> yeah, I think if the list re-signs the message, that's ok, because it then
Mark Martinec writes:
> Thanks Justin and Daryl.
>
> > > (a) Is "From:addr" rather than "EnvelopeFrom:addr" the right header to
> > > use?
> > I'd say yes. DK signs the message, not the envelope. I'm pretty sure
> > the current milters look for a From: header to decide on what
> > selector/etc
Loren Wilton writes:
> > in other words:
> >
> >- sender @ yahoo.com sends mail to mailmanlist @ somelist.com;
> >- mailmanlist @ somelist.com appends the mailman footer to the body
> > text/plain part;
> >- recipient gets message, reads From addr, verifies DK sig, which now
> >
in other words:
- sender @ yahoo.com sends mail to mailmanlist @ somelist.com;
- mailmanlist @ somelist.com appends the mailman footer to the body
text/plain part;
- recipient gets message, reads From addr, verifies DK sig, which now
fails.
FWIW, I've seen a few mails that ha
Mark Martinec writes:
> Thanks Justin and Daryl.
>
> > > (a) Is "From:addr" rather than "EnvelopeFrom:addr" the right header to
> > > use?
> > I'd say yes. DK signs the message, not the envelope. I'm pretty sure
> > the current milters look for a From: header to decide on what
> > selector/etc
At 11:03 14-08-2006, Mark Martinec wrote:
Having received a couple of messages faking to be from yahoo,
despite FORGED_YAHOO_RCVD and few other rules firing, the final
score was not high enough. Since Yahoo! is signing their
outgoing mail with DomainKeys, I came up with:
header __L_FROM_YAHO
Thanks Justin and Daryl.
> > (a) Is "From:addr" rather than "EnvelopeFrom:addr" the right header to
> > use?
> I'd say yes. DK signs the message, not the envelope. I'm pretty sure
> the current milters look for a From: header to decide on what
> selector/etc to use.
Right, DK (as well as DKIM)
On 8/14/2006 2:23 PM, Justin Mason wrote:
Mark Martinec writes:
Having received a couple of messages faking to be from yahoo,
despite FORGED_YAHOO_RCVD and few other rules firing, the final
score was not high enough. Since Yahoo! is signing their
outgoing mail with DomainKeys, I came up with:
Mark Martinec writes:
> Having received a couple of messages faking to be from yahoo,
> despite FORGED_YAHOO_RCVD and few other rules firing, the final
> score was not high enough. Since Yahoo! is signing their
> outgoing mail with DomainKeys, I came up with:
>
> header __L_FROM_YAHOOFrom
15 matches
Mail list logo
