Author: Wolfgang Breyha Date: To: Robert Wysocki CC: exim-users Subject: Re: [exim] DKIM verification and envelope-from
Robert Wysocki wrote, on 26.04.2012 13:07: > Hi there,
> I'm trying to achieve configuration that would verify DKIM signatures
> for known signers.
> Everything works fine until envelope-from address is one of known
> signers. But many spams have envelope-from set differently than From:
> header, eg. injectingy472@??? in envelope-from and
> something@??? in From: header.
> This enables them to bypass DKIM signature checks and therefor to bypass
> one of the anti-spam mechanisms.
DKIM has no relation to envelope from. DKIM signs and protects the From:
header (and others). Using envelope from for anything related to DKIM can only
produce false positives, eg. common forwards.
Wolfgang Breyha <wbreyha@???> | http://www.blafasel.at/ Vienna University Computer Center | Austria
This message was posted to the following mailing lists: