
DKIM = SPAM?

MrToast
Grafter
Posts: 550
Registered: ‎31-07-2007

DKIM = SPAM?

I received a legitimate mail the other day from a mailing list I'm signed up to. Previously email from this source (Marriott Hotels) has passed the SPAM filter un-tagged.
The list operator has now thoughtfully implemented DKIM. Voila DSPam now rates it as SPAM on the basis of the DKIM content:
X-DSPAM-Factors: 15,
like+confirmation, 0.00350,
Subject*Marriott, 0.00888,
border="0"+height="2", 0.00968,
X-DKIM*base+00, 0.99000,
X-DomainKeys*base, 0.99000,
X-DomainKeys*01, 0.99000,
Subject*rates+for, 0.01000,
X-DomainKeys*base+01, 0.99000,
X-DKIM*Ecelerity, 0.99000,
X-DomainKeys*draft+delany, 0.99000,
86+<FONT, 0.01000,
Date*0800+(PST), 0.01000,
X-DKIM*draft, 0.99000,
X-DKIM*dkim, 0.99000,
X-DomainKeys*domainkeys, 0.99000
Perhaps DKIM is more likely to be used by Spammers (than legit mail) as SCD was? Is this how the filters have become trained in this way?
NB. DKIM or Domain Keys Identified Mail is a cryptographic method of signing the email. A public key being available via DNS.
See http://dkim.org/
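Added example (not part of the original post, and not DSPAM's own code): it parses the X-DSPAM-Factors value quoted above, groups the token probabilities by the header they came from, and shows how much of the verdict rests on the signature headers. The `Header*token` reading of the format and the Graham-style combination are assumptions for illustration; the page does not show which combination algorithm this DSPAM install uses.

```python
import math
from collections import defaultdict

# X-DSPAM-Factors value copied from the post above.
HEADER = """X-DSPAM-Factors: 15,
like+confirmation, 0.00350,
Subject*Marriott, 0.00888,
border="0"+height="2", 0.00968,
X-DKIM*base+00, 0.99000,
X-DomainKeys*base, 0.99000,
X-DomainKeys*01, 0.99000,
Subject*rates+for, 0.01000,
X-DomainKeys*base+01, 0.99000,
X-DKIM*Ecelerity, 0.99000,
X-DomainKeys*draft+delany, 0.99000,
86+<FONT, 0.01000,
Date*0800+(PST), 0.01000,
X-DKIM*draft, 0.99000,
X-DKIM*dkim, 0.99000,
X-DomainKeys*domainkeys, 0.99000"""

def parse_factors(header):
    """Return (declared_count, [(source, token, probability), ...])."""
    first, *rows = header.strip().splitlines()
    declared = int(first.split(":", 1)[1].strip(" ,"))
    factors = []
    for row in rows:
        token, prob = row.strip().rstrip(",").rsplit(", ", 1)
        # Assumption: "Header*token" is a header token, anything else is body text.
        source, sep, rest = token.partition("*")
        factors.append((source if sep else "(body)", rest if sep else token, float(prob)))
    return declared, factors

def by_source(factors):
    """Group token probabilities by the header (or body) they came from."""
    groups = defaultdict(list)
    for source, _, p in factors:
        groups[source].append(p)
    return dict(groups)

def combined(probs):
    """Graham-style naive Bayes combination in log-odds (illustrative assumption)."""
    logit = sum(math.log(p / (1 - p)) for p in probs)
    return 1 / (1 + math.exp(-logit))

if __name__ == "__main__":
    declared, factors = parse_factors(HEADER)
    unsigned = [p for s, _, p in factors if s not in ("X-DKIM", "X-DomainKeys")]
    print(by_source(factors))
    print("all factors:", combined([p for _, _, p in factors]))
    print("without signature headers:", combined(unsigned))
```

Every 0.99000 factor in this header comes from an X-DKIM or X-DomainKeys token; the body, Subject and Date tokens all score as innocent.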
2 REPLIES 2
Tony_W
Grafter
Posts: 745
Registered: ‎11-08-2007

Re: DKIM = SPAM?

I understood that Domain Keys Identified Mail was a new anti spam method of ensuring that an email originates from a particular source.
see http://newsvote.bbc.co.uk/1/hi/technology/7027451.stm.
Surely DSPAM shouldn't be putting 0.99000 ratings on that.
MrToast
Grafter
Posts: 550
Registered: ‎31-07-2007

Re: DKIM = SPAM?

Quote from: Tony
I understood that Domain Keys Identified Mail was a new anti spam method of ensuring that an email originates from a particular source.

No.... it shows that the sender of the email has the private key which corresponds with the public key on the DNS server. In effect this means that the email sender has control of the domain name used in the 'From' address.
Unfortunately Spammers have shown that they are able to quickly generate domain names and use them for websites to ply their trade. They may only be 'up' for a few hours before being shut down..... The same could happen for the 'From' address domains in SPAM.