On 4/22/2011 4:24 PM, Lynda wrote:
Nearly all of the spam I see is DKIM signed. It just makes messages bigger. I'd just as soon our volunteers spend their times on other things, myself.
In the off-chance you are assuming that the presence of a DKIM signature is supposed to mean something about the quality of a message, please note that it isn't. It is only meant to supply a reliable, valid identifier, with which assessments can then be made. That assessment step is where the fun happens. See: <http://dkim.org/specs/draft-ietf-dkim-deployment-11.html> For reference, spammers are typically early adopters of newly security standardized mechanisms, in the (demonstrably valid) belief that some folk confuse identification with quality assurance. In particular, the DKIM d= identifier is primarily helpful for avoiding false positives. That is, it is for an assessment process targeting signers you trust, rather more than for targeting those you don't. If you don't care about the trust side of the filtering equation, I suspect DKIM will not be all that helpful for you. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net