[PLUG] Has anyone here used DKIM or Domain Key with their mail server?
Brent Jones
brent at servuhome.net
Tue Aug 26 05:46:35 UTC 2008
On Mon, Aug 25, 2008 at 5:28 PM, Keith Lofstrom <keithl at kl-ic.com> wrote:
>
> Domain Key from Yah-o-o is being absorbed into the IETF's DKIM standard.
> There is apparently a Perl module that can be added to postfix to
> implement this on outbound email. This is apparently a scheme to
> sign emails with the OpenSSL private key so that a recipient MTA
> can check it with the site's public key.
>
> There is a Perl module ( http://dkimproxy.sourceforge.net/ ) that
> supposedly implements this.
>
> Questions: (1) Is this worth the effort? (2) Is it a security risk?
> (3) is the dkimproxy module sound? (4) can you use a self-signed
> cert for this, or do you need an official ($$$) cert from places
> like Thawte or Verisign?
>
> Keith
>
> --
> Keith Lofstrom keithl at keithl.com Voice (503)-520-1993
> KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon"
> Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
>
If you check your mail server logs, or spamassassin logs, I'm sure you'll
find a lot of spam nowadays has correct SPF records and even DKIM
signatures.
I see so much spam come through in fact, that I no longer subtract points
from spam using those systems. It may be you a bit more freedom to send to
the Yahoos and Hotmails of the world, but probably not a whole lot of other
systems.
--
Brent Jones
brent at servuhome.net
More information about the PLUG
mailing list