Re: [exim] DKIM verification and envelope-from

Top Page

Reply to this message
Author: Wolfgang Breyha
To: Robert Wysocki
CC: exim-users
Subject: Re: [exim] DKIM verification and envelope-from
Robert Wysocki wrote, on 26.04.2012 13:07:
> Hi there,
> I'm trying to achieve configuration that would verify DKIM signatures
> for known signers.
> Everything works fine until envelope-from address is one of known
> signers. But many spams have envelope-from set differently than From:
> header, eg. injectingy472@??? in envelope-from and
> something@??? in From: header.
> This enables them to bypass DKIM signature checks and therefor to bypass
> one of the anti-spam mechanisms.

DKIM has no relation to envelope from. DKIM signs and protects the From:
header (and others). Using envelope from for anything related to DKIM can only
produce false positives, eg. common forwards.

Greetings, Wolfgang
Wolfgang Breyha <wbreyha@???> |
Vienna University Computer Center | Austria