Quanah, * Quanah Gibson-Mount <qua...@zimbra.com>: > --On Friday, February 15, 2013 5:01 PM -0800 John Hardin > <jhar...@impsec.org> wrote: > > >On Fri, 15 Feb 2013, Quanah Gibson-Mount wrote: > > > >>Does anyone tweak the DKIM scores given by SA? There are plenty of > >>scenarios where DKIM has failed, yet SA does not give the email a > >>particularly high spam mark. 3 example test cases below. I guess I > >>was expecting SA would score DKIM failures more aggressively if there > >>are problems with the signing: > > > >DKIM and SPF are anti-forgery tools, not anti-spam tools. > > > >If you take a DKIM-signed email that is whitelisted because of > >whitelist_auth and make a change that invalidates the signature, does it > >still get whitelisted? If not, then SA is doing all that it can > >reasonably be expected to do with the invalid signature. > > > >DKIM or SPF pass or fail *by itself* is not useful as a spam sign. Taken > >together with other factors (such as DKIM invalid + claims to be from > >Wells Fargo) it's useful. > > Ok, thanks. If any of our users ask, this is a good summary. :)
if you want your spam filters to benefit from DKIM, you need to build reputation. You need to account if or if not a domain uses DKIM and what the average spam score of that sender domains is. The OpenDKIM reputation project has introduced a local reputation database and uses SpamAssassin to get the spam score. You might want to investigate in the project if you want to use DKIM (as one of many methods) to filter spam. p@rick -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich
