Request: Please sign this list's messages via DKIM or SPF

[Alvin Starr]

On 04/05/2016 03:42 AM, lst_hoe02--- via Info-cyrus wrote:
>
> Zitat von Binarus via Info-cyrus <info-cyrus at lists.andrew.cmu.edu>:
>
>>
>> Combine SPF / DKIM with domain blacklisting, and then you *have* an 
>> efficient spam fighting tool.
>>
>
> As stated the spam actually reaching our inboxes after around 90% 
> cutoff is valid DKIM/SPF signed as it is mostly from the big free 
> providers like Outlook.com, Google and Yahoo. Some other big share is 
> from professional spam farms with always alternating IP and Domains 
> ranges from all over the world with also valid DKIM/SPF. Next big 
> share is from educational servers also mostly valid DKIM/SPF. The tiny 
> rest with around 10% is in fact not DKIM/SPF signed.
> From the valid e-mail around 20% looks like having a valid SPF/DKIM, 
> mostly professional newsletters not personal mail from customers.
>
> So No, SPF/DKIM is no useful spam fighting tool at least not in our 
> corner of the world.

I kind of have to agree with Andreas to some extent on this.
SPF/DKIM does not help on incoming spam filtering all that much just 
because so few people use it and the default action is to accept mail 
that has no SPF/DKIM tagging.

It is great however for controlling how other people abuse your email 
address.
SPF can stop people from sending mail as you from systems that are not 
your own.
DKIM signs your messages so that you have assurance that they are coming 
from your mail servers.

I would argue that anybody operating a mail server should use SPF/DKIM 
just to make sure they are not helping the spammers.

Sadly putting these tools in place is not trivial and it will only be 
when postfix, sendmail, qmail and others include SPF/DKIM setups as part 
of the default install can things really start to change.


-- 
Alvin Starr                   ||   voice: (905)513-7688
Netvel Inc.                   ||   Cell:  (416)806-0133
alvin at netvel.net              ||