| To: | qmail@list.cr.yp.to |
|---|---|
| Subject: | Re: Broken DomainKey .. or dead project? |
| From: | Matt Simpson <net-qmlist@jmatt.net> |
| Date: | Wed, 4 Apr 2007 15:39:37 -0400 |
| Comment: | DomainKeys? See http://antispam.yahoo.com/domainkeys |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | gmail-qmail@securepoint.com |
| Delivered-to: | sp.com.list@gmail.com |
| Delivered-to: | mailing list qmail@list.cr.yp.to |
| Domainkey-signature: | a=rsa-sha1; q=dns; c=nofws; s=default; d=jmatt.net; b=rXU7mcjetGi59JVcBO0D8NB/B5qABQlHqDqoGzTHKiqGSyAfiEG1YB+TshQD9k8TP9F0jgrmzVMSC05OwDJ5sq+w2/lOtTfceHKhb5Ny8YT+VrSUUxR/ERQymKn1y+5uNzRs/MoSAUl4Y/7aJJhkhyXX1pA9lojGWOI8uET2AtM=; h=Received:Mime-Version:Message-Id:In-Reply-To:References:Date:From:Subject:Mime-Version:Content-Type; |
| Domainkey-status: | bad |
| In-reply-to: | <b86db13f0704041207p6b6c548ai617ff192c7d27414@mail.gmail.com> |
| Mailing-list: | contact qmail-help@list.cr.yp.to; run by ezmlm |
| References: | <b86db13f0704011331m4135c427vc934ced0d8b64120@mail.gmail.com> <20070401205313.GA5988@discworld.dyndns.org> <b86db13f0704011429x17f3e0b1w903861f725380af5@mail.gmail.com> <20070401225748.GA6359@discworld.dyndns.org> <1175514940.31108.92.camel@castor.taos-it.nl> <b86db13f0704041207p6b6c548ai617ff192c7d27414@mail.gmail.com> |
Sometime last year, I asked some questions on this list about
Domainkeys and qmail-dk, and Russ Nelson responded. His response
indicated that he might have been considering further development of
qmail-dk, but I'm not sure what he's done with it since then. That
dialog can be seen in the list archives at
http://marc.info/?l=qmail&m=114805494228980&w=2Based on Russ's responses (and questions), and remarks from others, I decided that a qmail-queue frontend, like qmail-dk, was probably not the appropriate place for domainkeys verification. It's not really feasible to make a "yes/no" decision about accepting mail based solely on domainkey signature. The best you could do would be to have it provide information to be used by some more intelligent spam filter which would use that as one of many factors to make a judgment. And if you're going to use some more intelligent spam filter, you might as well use one like spamassassin, which has domainkey support in it already, eliminating the need for verification by qmail-dk. I still think qmail-dk is handy for signing outgoing messages. One of the limitations mentioned, not being able to specify which headers are included, has been fixed with a version of qmail-dk provided by Richard Lyons http://test.frob.com.au/qmail/patches/qmail-1.03-dk-0.54-exclude.patchThere are still some issues with qmail-dk. One that I recently encountered was not being able to sign bounce messages. I still haven't resolved that one. |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: timeoutsmtpd downsides, Charles Cazabon |
|---|---|
| Next by Date: | Re: Broken DomainKey .. or dead project?, Charles Cazabon |
| Previous by Thread: | Re: Broken DomainKey Implementation, Erik A. Espinoza |
| Next by Thread: | Re: Broken DomainKey .. or dead project?, Charles Cazabon |
| Indexes: | [Date] [Thread] [Top] [All Lists] |