-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2/18/2014 7:10 PM, Suresh Ramasubramanian wrote:
DKIM serves to authenticate the source of the message. So this is a stock tip spam sent through an email service provider called icontact, and the dkim signature declares that. Just that and nothing more.
Says nothing at all about the email's reputation - whether it is spam or not.
--srs
On Tuesday, February 18, 2014, Randy Bush <randy@psg.com> wrote:
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2/18/2014 7:10 PM, Suresh Ramasubramanian wrote:
DKIM serves to authenticate the source of the message. So this is a stock tip spam sent through an email service provider called icontact, and the dkim signature declares that. Just that and nothing more.
Says nothing at all about the email's reputation - whether it is spam or not.
--srs
On Tuesday, February 18, 2014, Randy Bush <randy@psg.com> wrote:
Yeah, it just validates the domain that the email came from. But, "X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ran.psg.com X-Spam-Level: X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,HTML_MESSAGE,MIME_QP_LONG_LINE,*T_DKIM_INVALID* autolearn=ham version=3.3.2" Spamassassin knows the dkim signature is invalid, so there must be a dns query that occurs at this point in the message processing. If that is the case, there must be someway to configure to reject if the dkim signature is invalid. "X-Spam-Status: No, score=0.8 required=5.0" Spamassassin isn't going to block anything until it registers a score of 5. So, just having a dkim signature (even though invalid) is possibly lowering the score. Maybe you could tweak the settings to pick-off spam at a lower score. But, setting your levels down to 0.8 would probably block legitimate email. You could always block their ip in the helo_access (or iptables) of your postfix server (I'm assuming that's what you are using). But that's only going to be a temporary fix. You could also add a rbl query to your mail server config to spamhaus. That could always help. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTBCy2AAoJEMBLKVFKNw4KFDUH/RktUI0ybOj0ruWw06RZUzcD bHiFb/QUahqXihFQMkSwofjV/WovcGkSQgCpzM3XFyGdoo79KzgJ9ByrlPLfIOdI m/pvcRSODl+rOsaXR1VS0bUyTtdRzEdRZ2EQxvXeaSIOnsZCegG+noY+7GJ5U70o NyctfgEod0sxFqeJKTzjXpCaXJsuwFBUL3PlLXVWE6ilAtaxh8KBCmIG/kFMrtoG P+DlTm17d63WZeVBvsZ7YHe/moVm57gBLCsmA8aI6qgqdCGbpkT3p/rKAEcqeV6z RyyIC4vm9gaaJmuh7Cz7hoM2whGsWSxfrNaGV0hCRoNGBAup5NFIQQfsTn858Dc= =Aztz -----END PGP SIGNATURE-----