Re: Junk mixed in with ham on whitelists

Thu, 22 Feb 2018 07:09:30 -0800 

On 02/22/18 15:56, David Jones wrote:
> On 02/22/2018 08:52 AM, Benny Pedersen wrote:
>> Giovanni Bechis skrev den 2018-02-22 15:39:
>>
>>>> sub check_dkim_valid {
>>>>   my ($self, $pms, $full_ref, @acceptable_domains) = @_;
>>>>   $self->_check_dkim_signature($pms)  if !$pms->{dkim_checked_signature};
>>>>   my $result = 0;
>>>>   if (!$pms->{dkim_valid}) {
>>>>     # don't bother
>>>>   } elsif (!@acceptable_domains) {
>>>>     $result = 1;  # no additional constraints, any signing domain will do,
>>>>                   # also any signing key size will do
>>>>   } else {
>>>>     $result = $self->_check_dkim_signed_by($pms,1,0,\@acceptable_domains);
>>>>   }
>>>>   return $result;
>>>> }
>>>>
>>>> there we go :(
>>>>
>>>> dkim signed should be any key bits allowed, but dkim valid should not 
>>>> allow under minimal key bits
>>>
>>> $self->_check_dkim_signed_by already checks for miminal key bits
>>
>> elsif part is correct ?
>>
>> i read code as any key bits can make valid dkim
> 
> That is also my finding based on:
> 
> https://pastebin.com/mjvB0MKg
> 
> which hit DKIM_VALID with a 768-bit key.
> 
It doesn't for me:
---------------------------------------------
X-Spam-Checker-Version: SpamAssassin 3.4.2-pre3-r1823175 (2018-02-05) on
        bigio.paclan.it
X-Spam-Level: 
X-Spam-Status: No, score=0.1 required=5.0 tests=DKIM_SIGNED,HTML_MESSAGE,
        RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_PASS,T_DKIM_INVALID 
autolearn=no
        autolearn_force=no version=3.4.2-pre3-r1823175
X-Spam-ASN: AS46606 69.89.16.0/20
X-Spam-Report: 
        * -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2)
        *      [69.89.18.3 listed in wl.mailspike.net]
        * -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, 
no
        *      trust
        *      [69.89.18.3 listed in list.dnswl.org]
        * -0.0 SPF_PASS SPF: sender matches SPF record
        *  0.0 HTML_MESSAGE BODY: HTML included in message
        *  0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily
        *      valid
        *  0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
X-Spam-Relay-Country: US ** US
---------------------------------------------
SpamAssassin version 3.4.2-pre3-r1823175
  running on Perl version 5.24.3
with Mail-DKIM-0.40 and Net-DNS-1.14

witch Mail::DKIM and Net::DNS version are you using ?
 
 Giovanni

Reply via email to