Re: opendkim adsp tempfail ?
On Mon, 1 Oct 2012, Benny Pedersen wrote:
> i like to reject unsigned emails that is known to sign, but does not
> self make the adsp policy
Right, and that's what LocalADSP is for. We don't implement a "known to
sign" heuristic, but you can with that setting.
> this is imho what adsp is used for, but it only works if i at the same
> time make sure maillist mails is not rejected becurse of that
The trick there is that there's no way to identify list traffic in a
reliable way. If you give preferential treatment to lists, a spammer or
phisher will just make its mail look like list traffic to get through your
checks.
There is an undocumented feature that will reject mail whose From: domain
advertises an ADSP policy of "discardable" sent to a set of addresses you
specify. This is meant to prevent transactional mail from going to lists.
I don't think this is in use, however, so it's likely to be removed soon
unless someone stands up to defend it.
-MSK
Received on Mon Oct 01 2012 - 16:59:18 PST
This archive was generated by hypermail 2.3.0
: Mon Oct 29 2012 - 23:20:44 PST