DKIM with MailScanner

Thu Mar 8 17:56:03 CET 2007

> The score warnings you see in your lint now are not related to DKIM. I
> assume when you say that the scores are still showing up as 0 you are
> referring to DKIM (e.g. DKIM_SIGNED, DKIM_VERIFIED, etc.)

My bad.
I mean that mail comes unscored by MS:
---
X-CPTeam-MailScanner-SpamCheck: not spam, SpamAssassin (not cached, score=0,
required 4, autolearn=not spam)
--

DKIM is unscored too.

> The default rules are something miniscule, like 0.001 and -0.001, just
> so that the rule appears int he report while you figure out what your
> policy should be. Now, it's up to you to decide what your DKIM policy
> shall be.

What config should I alter to definy policy?

> I asked on this list a couple weeks ago with no replies. But, I'm
> finding that entities who may use a DK or DKIM signature are still
> spammy sometimes. Take for example a large mail-order catalogue
> company. Their mail would normally get caught by rules for things like
> image weight, textual intention of trying to sell something, etc. Now,
> you go and reward them heavily for passing a DKIM test and now their
> mail suddenly gets through.
> 
> Personally, I'm not sure I want to be that kind.  On the other hand,
> you could give a hefty penalty for those who have a forged DKIM
> signature, but I haven't seen a forgery attempt with either DK or DKIM
> yet.
> 
> I'm interested in others' opinions on this as well.

Make me think about it again.
Probably the best start is low score, indeed.

Best,

--
Arthur Sherman

+972-52-4878851
http://www.cpt.co.il/ 