-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Matus UHLAR - fantomas wrote: >> mouss wrote: >>> Byung-Hee HWANG wrote: >>>> mouss wrote: >>>> [...] >>>>> let's start with DKIM. >>>>> do you have >>>>> loadplugin Mail::SpamAssassin::Plugin::DKIM >>>> + i'm use with following rule ;; >>>> score DKIM_VERIFIED -45.3 >>>> >>> then you won't catch spam relayed by yahoo, ... etc. > > On 10.11.08 04:11, Byung-Hee HWANG wrote: >> Well, i don't care. I accept the emails passed by DKIM, anyway.. > > so you intentionally create false negatives just because they are DKIM > signed?
My answer is "Yes" if i should say. Because of the spam case is the concern of the hosting, not DKIM. Yahoo and Google are trying for the such spam case. Let's get serious. If you had reading specs of RFC4408 and RFC4871, you know the role of both SPF and DKIM. Exactly both SPF and DKIM are tools for anti-pishing, not anti-spam (at here i defined the term "SPAM" as "UCE"). Sometimes we received the spam passed DKIM from Yahoo and Google. However. We have no way to stop the such spam in this time. Because stopping the such spam is not DKIM's scope. So what we says "DKIM is bad" is wasting times for the spam passed DKIM from Yahoo and Google. As same step, we cannot say "SPF is bad". We need to talk more about this issue. byunghee -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iEYEARECAAYFAkkXZZMACgkQsCouaZaxlv6gowCghrzT8q+km/AlSMw7sxsjJkHA bW4An1yJ2QLUYfMI24X53xIhU5dv6Zc6 =j8qH -----END PGP SIGNATURE-----
