Incoming mail with faked sender domain is being DKIM signed

Django [BOfH] django at
Mon Nov 27 09:21:31 CET 2017

HI Ralf,

Am 24.11.2017 um 17:16 schrieb Ralf Hildebrandt:

> I was testing this with 2.11.0 - went back to 2.10.1 and the expected
> behaviour was restored ( mail from !MYNETS is not being DKIM signed).

Did I understood "your problem right"?

Someone send from a foreign IP a message to your MX on port 25 with a
faked "mail from:<>" and/or "From: "-header to an outgoing recipient and
your AMaVis signed this message with DKIM? right? That sounds very
strange and ugly.

As I noticed, that AMaViS 2.11.0 is only signing mails with "originating
=>1" if I set up AMaVis for both (signing and verifying DKIM), I 'm not
sure if AMaViS is still the best tool for all the ASAV-related stuff on
my mailservers. What 'bout rspamd? Do you thing this could replace AMaViS?


More information about the amavis-users mailing list