Peter Bowyer wrote: >
> To expand on your point - Domainkeys and DKIM, along with SPF, allow
> you to confirm with a degree of cerrtainty that the purported sender
> of the mail did indeed send it. The fact that a message has a
> signature that validates (DK/DKIM) or an SPF PASS shouldn't in itself
> tell you that it's a message you want to accept. Combined with a
> whitelist and a blacklist of trusted and unwanted senders
> respectively, it starts to get useful. For example, assuming you want
> to receive email from paypal.com, you can use DK to sift the real
> paypal.com email from the phishing attempts with 100% accuracy. (OK,
> someone will demonstrate a corner case which makes it less than
> 100%.....)
>
>
>
> bignastyspammer.com confirming their identity with DK/DKIM or SPF may
> be a neutral thing (if you know nothing already about
> bignastyspammer.com), or a good thing (you already know
> bignastyspammer.com are spammers and you can reject with certainty).
> And if neutral, your content scanner or your users can help train your
> blacklist. Either way, it's definitely not a bad thing.
>
> Peter
>
>
>
I think what I'm looking for is to use domain keys to reject paypal
phishing and pther phishing of banks in particular. I found SPF to be
less that worthless and I'm hoping that domain keys are at least
somewhat useful.
So if my goal is to get rid of at least most paypal phishing with no
false positives, will domain keys do that? If so - does someone have
some sample ACLs to share?
