You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Nick Edwards <ni...@gmail.com> on 2015/05/03 05:34:39 UTC
dkim invalid and 3.4.1
Is there any reason
reason="invalid (public key: not available)" is declared as "error"
to fail t_dkim_invalid
1.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
This is published a neutral so should not be considered invalid
This only occurs since upgrade 3.4.0 - 3.4.1, no changed made by the
sender - its a govt dept, who doesnt change things at all let alone in
middle of weekend.
Be a shame to have to score that 0 simply because the code over reacts.
Re: dkim invalid and 3.4.1
Posted by Reindl Harald <h....@thelounge.net>.
Am 03.05.2015 um 13:43 schrieb Nick Edwards:
> On 5/3/15, Reindl Harald <h....@thelounge.net> wrote:
>>
>> Am 03.05.2015 um 05:34 schrieb Nick Edwards:
>>> Is there any reason
>>>
>>> reason="invalid (public key: not available)" is declared as "error"
>>> to fail t_dkim_invalid
>>
>> yes, it hits way too often for legit, signed mail and so produces false
>> positives
>
> I assume you are agreeing with me, since you are not answering me
> because you are in no way related to the spam assassin project so
> wouldn't know the answer
i do not need to be related to the project to remember discussions about
that rule on this list a few months ago and if you would read your list
messages you would remmber too
Re: dkim invalid and 3.4.1
Posted by Nick Edwards <ni...@gmail.com>.
On 5/3/15, Reindl Harald <h....@thelounge.net> wrote:
>
>
> Am 03.05.2015 um 05:34 schrieb Nick Edwards:
>> Is there any reason
>>
>> reason="invalid (public key: not available)" is declared as "error"
>> to fail t_dkim_invalid
>
> yes, it hits way too often for legit, signed mail and so produces false
> positives
>
>
I assume you are agreeing with me, since you are not answering me
because you are in no way related to the spam assassin project so
wouldn't know the answer.
anyway, I have zero'd this score to make this rule irrelevant
Re: dkim invalid and 3.4.1
Posted by Reindl Harald <h....@thelounge.net>.
Am 03.05.2015 um 05:34 schrieb Nick Edwards:
> Is there any reason
>
> reason="invalid (public key: not available)" is declared as "error"
> to fail t_dkim_invalid
yes, it hits way too often for legit, signed mail and so produces false
positives
Re: dkim invalid and 3.4.1
Posted by Mark Martinec <Ma...@ijs.si>.
>> 1.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
> The score for this rule should be a zero or a near-zero.
> There must be some problem with assigning a score to
> such test rule (the 1.0 is a default value if a score line
> is missing).
T_DKIM_INVALID is a test rule, as such its score should be 0.01
by default. Make sure the sa-update has provided an up-to-date
version of rules.
Mark
Re: dkim invalid and 3.4.1
Posted by Mark Martinec <Ma...@ijs.si>.
On 2015-05-03 5:34, Nick Edwards wrote:
> Is there any reason
> reason="invalid (public key: not available)" is declared as "error"
> to fail t_dkim_invalid
>
> 1.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
>
> This is published a neutral so should not be considered invalid
>
> This only occurs since upgrade 3.4.0 - 3.4.1, no changed made by the
> sender - its a govt dept, who doesnt change things at all let alone in
> middle of weekend.
>
> Be a shame to have to score that 0 simply because the code over reacts.
The score for this rule should be a zero or a near-zero.
There must be some problem with assigning a score to
such test rule (the 1.0 is a default value if a score line
is missing).
An invalid or unverifiable DKIM signature is supposed to be
treated equivalent to a missing signature.
Mark