Read this: https://www.bitwell.biz/?q=node/20

It pretty much describes the issue.


On 20 June 2016 at 21:18:29 GMT+03:00, Alex <mysqlstud...@gmail.com> wrote:
>Hi,
>
>We've been having a problem with phishing attacks by spoofing the
>MAILFROM and From address. We've implemented SPF which takes care of
>the MAILFROM problem, and have built a number of rules that block From
>address spoofing.
>
>We haven't implemented DKIM for our own domain yet, and it's not
>something we can do right now.
>
>There's still a legitimate requirement to have internal users use
>external services (createsend, constantcontact, etc) to distribute
>newsletters, etc, to internal users using users in our own domain.
>
>In other words, we want to block the unauthorized use of our internal
>users' addresses, but permit the legitimate authorized users to be able
>to use these external services.
>
>Many of these services use DKIM to sign the messages. I just wanted to
>make sure I wasn't missing something important by whitelisting our own
>domain using the DKIM sigs that arrive?
>
>whitelist_from_dkim *@example.com
>whitelist_auth *@example.com
>
>Should I be able to test a message that was already received but
>quarantined for DKIM_VALID or has the message been changed in some way
>after receiving it that prevents it from passing DKIM?
>
>X-Envelope-From: <sender-shusdk1iulyjrtdh...@cmail20.com>
>From: "Sender" <sen...@example.com>
>To: "Recip" <re...@example.com>
>
>The message passes DKIM:
>
>-0.1 DKIM_VALID             Message has at least one valid DKIM or DK
>signature
> 0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not
>necessarily valid
>
>DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=cm;
>d=example.com;
>h=Subject:From:To:Reply-To:Date:MIME-Version:Content-Type:List-Unsubscribe:Message-ID;
>i=sen...@example.com;
> bh=+As5afWxvhSaKbwlO/EZvX1OZrs=;
>b=o8CcMc3vzBUyeJVQ/27v75R/QZDPU8vB+AMr1Dg5TGyyEvwZYhTjlm9lTxteGVGzaZPAhtlVM
>   2nNUItbgRjnEvpbRA7Hdsh7QHAso8Mf4i1z3KfUqAFV3V1PMnO65
>
>but running the message through spamassassin again with the whitelist
>entry doesn't actually whitelist the message.
>
>Ideas greatly appreciated.
>Thanks,
>Alex

-- 
Jari Fredriksson
Bitwell Oy
+358 400 779440
ja...@bitwell.biz
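
An added example, not part of the original thread or of SpamAssassin: Python code that parses DKIM-Signature tags and checks whether any signature's d= matches the From domain, which is the condition SpamAssassin's DKIM plugin documents for a whitelist_from_dkim entry given without a signing-domain argument (the signature must also verify, which this code does not test). The sample message and all function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not the message from the thread): same header shape as
# the one quoted above, made-up author address, no bh=/b= values.
SAMPLE = (
    "DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=cm;\n"
    " d=example.com; h=Subject:From:To; i=sender@example.com\n"
    'From: "Sender" <sender@example.com>\n'
    'To: "Recip" <recip@example.com>\n'
    "Subject: newsletter\n"
    "\n"
    "body\n"
)

def parse_dkim_tags(value):
    """Split a DKIM-Signature value into tag=value pairs (RFC 6376 tag-list)."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, _, val = part.partition("=")
            tags[name.strip()] = re.sub(r"\s+", "", val)  # drop folding whitespace
    return tags

def author_domain_signatures(raw_message):
    """Return (author_domain, [tags of signatures whose d= equals that domain])."""
    msg = message_from_string(raw_message)
    author = parseaddr(msg.get("From", ""))[1]
    author_domain = author.rpartition("@")[2].lower()
    sigs = [parse_dkim_tags(v) for v in msg.get_all("DKIM-Signature", [])]
    matching = [t for t in sigs if t.get("d", "").lower() == author_domain]
    return author_domain, matching

def report(raw_message):
    """Summarise signature alignment for a whitelist entry with no signing-domain."""
    domain, matching = author_domain_signatures(raw_message)
    return {
        "author_domain": domain,
        "has_author_domain_signature": bool(matching),
        # a=rsa-sha1, as in the quoted header, was later deprecated by RFC 8301
        "sha1_signatures": [t["d"] for t in matching if t.get("a") == "rsa-sha1"],
    }

if __name__ == "__main__":
    print(report(SAMPLE))
```

A message signed only with the sending service's own domain in d= would report `has_author_domain_signature` as false, and would need the two-argument form of whitelist_from_dkim naming that signing domain.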
