nanog mailing list archives
Re: Incoming SMTP in the year 2017 and absence of DKIM
From: Grant Taylor via NANOG <nanog () nanog org>
Date: Wed, 29 Nov 2017 13:48:25 -0700
On 11/29/2017 01:35 PM, Blake Hudson wrote:
Where DKIM/SPF really help is when there's a failure that indicates a message has been spoofed.
There are other legitimate things that can break DKIM signatures. I have personally seen changes in content type encoding break a DKIM signature.
The message was perfectly valid, and only failed DKIM signature validation.
This is a good indication of phishing and is a justified reason to reject or quarantine a message in the interest of your employees or subscribers.
As much as I would like to be able to safely reject on DKIM Signature validation failure, I don't think that it is safe to do so.
Sometimes these will be config errors, but I feel confident telling the sender to take config issues up with their service provider.
Hopefully this will bring the perceived problem to someone's attention who can hypothetically do something to correct it.
-- Grant. . . . unix || die
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Incoming SMTP in the year 2017 and absence of DKIM Eric Kuhnke (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Blake Hudson (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Grant Taylor via NANOG (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM William Herrin (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Stephen Frost (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM William Herrin (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Ken O'Driscoll (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Michael Thomas (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM valdis . kletnieks (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Grant Taylor via NANOG (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM John Levine (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Grant Taylor via NANOG (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM John Levine (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Stephen Frost (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Blake Hudson (Dec 01)