You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spamassassin.apache.org by bu...@spamassassin.apache.org on 2020/06/16 23:25:53 UTC

[Bug 7827] SpamAssassin reports DKIM invalid when email contains attachment

https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7827

Bill Cole <bi...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |billcole@apache.org
         Resolution|---                         |INVALID
             Status|NEW                         |RESOLVED

--- Comment #1 from Bill Cole <bi...@apache.org> ---

1. This cannot be considered a SpamAssassin bug unless you have some other
trustworthy DKIM signature verifier which validates a signed message that SA
deems invalid.

2. Mail systems routinely make harmless changes to email which break DKIM
signatures. This can include an encoding change that may be necessary to
transport a binary attachment over Internet email. 

3. It is literally impossible to diagnose your problem without a specific
UNMODIFIED complete example. 

4. This is the sort of probable non-bug problem which should be better
addressed on the SpamAssassin Users mailing list. 

5. Redefining & rescoring DKIM_INVALID as you have done is deeply unwise. The
definition in the default ruleset only hits on signed messages whose signature
does not validate and it is scored at 0.1 because of the common problem of DKIM
signatures breaking in transit. Marking every unsigned email and every signed
email with a broken signature as spam (i.e. with a 5.0 score as your rule does)
is a choice to intentionally mislabel mail.

-- 
You are receiving this mail because:
You are the assignee for the bug.