nanog mailing list archives
Re: Incoming SMTP in the year 2017 and absence of DKIM
From: Stephen Frost <sfrost () snowman net>
Date: Wed, 29 Nov 2017 12:17:27 -0500
Greetings, * William Herrin (bill () herrin us) wrote:
On Wed, Nov 29, 2017 at 12:03 PM, Eric Kuhnke <eric.kuhnke () gmail com> wrote:For those who operate public facing SMTPd that receive a large volume of incoming traffic, and accordingly, a lot of spam... How much weight do you put on an incoming message, in terms of adding additional score towards a possible value of spam, for total absence of DKIM signature?Zero. DKIM for mailing lists is a horribly broken design and legitimate mailing lists are second only to spam in quantity of SMTP transactions.
Eh, that's really not accurate, imv, and some folks who run mailing lists have put in serious effort to make sure to *not* break DKIM signatures (which is certainly possible to do). The combination of making DKIM signatures work and DMARC allows messages to go through that would otherwise end up getting bounced, from what I've seen. What's annoying are the systems that appear to assume a DMARC policy that says "bounce it if it's not from a server in our SPF list" when there's no DMARC policy in place, but there is an SPF list. Not everyone really wants to put in the effort to set up DKIM, but they're fine putting up an SPF record, but there seem to be a number of servers out there that bounce mailing list traffic in those cases (seems to specifically be MS Exchange systems, from the google'ing that I've done). Thanks! Stephen
Attachment:
signature.asc
Description: Digital signature
Current thread:
- Incoming SMTP in the year 2017 and absence of DKIM Eric Kuhnke (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Blake Hudson (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Grant Taylor via NANOG (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM William Herrin (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Stephen Frost (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM William Herrin (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Ken O'Driscoll (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Michael Thomas (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM valdis . kletnieks (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Grant Taylor via NANOG (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM John Levine (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Grant Taylor via NANOG (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM John Levine (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM William Herrin (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Grant Taylor via NANOG (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Stephen Frost (Dec 01)
- Re: Incoming SMTP in the year 2017 and absence of DKIM Blake Hudson (Dec 01)