Author: Sven Hartge
Date:
To: exim-users
Subject: Re: [exim] DKIM in exim: Broken?
Phillip Carroll <postmaster@???> wrote:
> On 11/10/2014 4:12 AM, Patrick von der Hagen wrote:
>> I'm curious how you know that those were valid signatures and no changes
>> took place in transit?
> When I asserted I "know" that the bank's emails were signed correctly, I
> admit that assertion was NOT based on actual certain knowledge. Instead,
> it was based on a more heuristic sort of reasoning:
> (c) If then, millions of emails with faulty signatures are being
> sent, how is that no one else has discovered this, or if they have, why
> has an institution with trillions on deposit done nothing to fix the
> problem?

Because, honestly, there are so many false positives concerning DKIM
signatures (mailing lists adding their signature to the body, servers
reencoding subjects, etc.) nobody gives a fsck about this.

I won't find it surprising if Chase's botched DKIM signature has been
going on for some time, somebody (like you) noticed it, sent a mail to
Chase's IT department, got no reply and thought "ah, what the hell" and
that's the end of the story.

If your reasoning is "this is a multi-billion dollar company, they surely
will know what they are doing", then you will have a really bad day,
believe me.
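
The two in-transit changes named in this reply (a list footer appended to the body, a re-encoded Subject), as an added example that is not part of the original post and is not Exim's code. It assumes sha256 with relaxed/relaxed canonicalization per RFC 6376; the function names and all sample data are constructed for illustration.

```python
import base64
import hashlib
import re

def canon_body(body: bytes, relaxed: bool = True) -> bytes:
    """Body canonicalization per RFC 6376 sections 3.4.3 (simple) and 3.4.4 (relaxed)."""
    lines = body.split(b"\r\n")
    if relaxed:
        # Collapse runs of SP/HTAB to a single SP, then drop whitespace at line end.
        lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    while lines and lines[-1] == b"":
        lines.pop()  # empty lines at the end of the body are ignored
    if not lines:
        return b"" if relaxed else b"\r\n"
    return b"\r\n".join(lines) + b"\r\n"

def body_hash(body: bytes, relaxed: bool = True) -> str:
    """Value a verifier compares against the bh= tag (sha256 variants)."""
    return base64.b64encode(hashlib.sha256(canon_body(body, relaxed)).digest()).decode()

def canon_header(field: bytes) -> bytes:
    """Relaxed header canonicalization per RFC 6376 section 3.4.2."""
    name, value = field.rstrip(b"\r\n").split(b":", 1)
    value = value.replace(b"\r\n", b"")  # unfold continuation lines
    value = re.sub(rb"[ \t]+", b" ", value).strip(b" ")
    return name.strip().lower() + b":" + value + b"\r\n"

# Constructed sample data, not taken from any real message.
SIGNED_BODY = b"Your statement is ready.\r\nLog in to view it.\r\n"
RESPACED_BODY = b"Your statement  is ready. \r\nLog in to view it.\r\n\r\n"
LIST_FOOTER = b"-- \r\n## List details at https://lists.example.org/\r\n"
SUBJECT_TEXT = "Kontoauszug M\u00e4rz".encode("utf-8")
SIGNED_SUBJECT = b"Subject: =?UTF-8?B?" + base64.b64encode(SUBJECT_TEXT) + b"?=\r\n"
REFOLDED_SUBJECT = SIGNED_SUBJECT.replace(b": ", b":\r\n  ")
REENCODED_SUBJECT = b"Subject: =?UTF-8?Q?Kontoauszug_M=C3=A4rz?=\r\n"

def classify(signed_body, received_body, signed_hdr, received_hdr):
    """Report which part of a received message no longer matches what was signed."""
    return {
        "body_ok": body_hash(signed_body) == body_hash(received_body),
        "header_ok": canon_header(signed_hdr) == canon_header(received_hdr),
    }

if __name__ == "__main__":
    # Whitespace and folding changes survive relaxed canonicalization ...
    print(classify(SIGNED_BODY, RESPACED_BODY, SIGNED_SUBJECT, REFOLDED_SUBJECT))
    # ... a list footer and a B-to-Q re-encoded Subject do not.
    print(classify(SIGNED_BODY, SIGNED_BODY + LIST_FOOTER, SIGNED_SUBJECT, REENCODED_SUBJECT))
```

Splitting the check this way tells a postmaster whether a failing signature points at body modification or at a rewritten signed header before anyone concludes that the sender signs incorrectly.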