As far as I can tell DKIM is just a cryptographically secure way of telling a mail server that you're honestly repesenting yourself as a spammer.

@craigmaloney It makes *other* measures of reliability / reputation more useful.

A DKIM'd message from a reliable provider is less likely to be spoofed.

@craigmaloney I still haven't worked up courage to go into my postfix/amavisd/whatever guts and unteach him to take DKIMs seriously.

As far as I can tell, the way it's supposed to work is I should contact the mail provider of a spammer so they take action. Which never works because if the provider is big enough (cough, gmail, cough) they simply ignore all this stuff unless it's coming from somewhere equally big.

@craigmaloney probably you expect #DKIM something else what it is. 😉
It's not a simple problem, faking. ARC fails, SPF kinda, hashcash and like haven't even got the chance to fail. Tough shit. At least you can use DKIM whitelisting for trusted relays.

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!