> But I think the trouble is that SPF_FAIL and DKIM_SIGNED without
> DKIM_VERIFIED doesn't necessarily mean it's not being spoofed, right?
>
> For that reason I really haven't been able to make scoring decisions
> on either of them.

Both the DKIM_SIGNED and the DKIM_VERIFIED (now renamed to DKIM_VALID) are just informational and their scores must be near-zero. The DKIM_VALID only becomes useful when combined with other rules (and DKIM_SIGNED remains purely informational, no matter what).

Mark
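
An added illustration of the reply above, not part of Mark's message or of the stock SpamAssassin rule set: a local configuration that keeps the two informational rules near zero and scores only a combination. The domain example.com, the LOCAL_ rule names and every score value are assumptions; DKIM_VALID_AU is the DKIM plugin's rule for a valid signature from the author's domain.

```conf
# local.cf fragment (constructed example, values are illustrative)

# Informational rules: on their own they say nothing about spoofing,
# so keep them close to zero.
score DKIM_SIGNED   0.001
score DKIM_VALID   -0.001

# Sub-rule (double underscore = no score of its own):
# the From: address is in a domain we know signs all of its mail.
# example.com is a placeholder for such a domain.
header   __LOCAL_FROM_EXAMPLE   From:addr =~ /\@example\.com$/i

# Combination 1: claims to be from that domain, but carries no valid
# signature from the author's domain. Kept modest because mailing lists
# that rewrite the body or Subject break otherwise genuine signatures.
# Caveat: if the DKIM plugin is not loaded or DNS lookups are disabled,
# DKIM_VALID_AU never fires and this hits all mail from the domain.
meta     LOCAL_EXAMPLE_NO_DKIM  (__LOCAL_FROM_EXAMPLE && !DKIM_VALID_AU)
describe LOCAL_EXAMPLE_NO_DKIM  From example.com without valid author-domain DKIM
score    LOCAL_EXAMPLE_NO_DKIM  2.0

# Combination 2: same domain, signature verified for the author's domain.
# Only here does a valid signature earn a meaningful negative score.
meta     LOCAL_EXAMPLE_DKIM_OK  (__LOCAL_FROM_EXAMPLE && DKIM_VALID_AU)
describe LOCAL_EXAMPLE_DKIM_OK  From example.com with valid author-domain DKIM
score    LOCAL_EXAMPLE_DKIM_OK  -1.5
```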