From: Wietse Venema (wietseporcupine.org)
Date: Tue Jun 06 2006 - 19:06:05 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Harvey Smith:
> On Tue, Jun 06, 2006 at 05:46:53PM -0400, Victor Duchovni wrote:
> > On Tue, Jun 06, 2006 at 11:36:27PM +0200, Robert Schetterer wrote:
> >
> > > how is your experience about domain keys, can anybody tell a little bit
> > > how much spam would it stop ....
> >
> > None. Domain Keys authenticates message origin. It at this time a
> > whitelisting technology to help prevent FPs for sources you trust.
>
> I don't even see how it could be used for this. If I 'trust' a source
> as to not be forging the envelope From then I can simply ban the email
> address if they're sending spam or whitelist it if not. I get a fair
> amount of 419 style spam from yahoo servers which I don't accept
> becuase its not whitelisted and I can't see how DK would help me in
> this whitelisting. Since I trust the source I can whitelist the address.

If someone knows that you trust domain example.com, anyone could
send mail with an example.com sender address and exploit your trust.

With DK or other forms of in-message authentication, the recipient
can distinguish between mail that actually comes from example.com,
and mail that only pretends to be from example.com.

        Wietse

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]