Incoming mail with faked sender domain is being DKIM signed
django at nausch.org
Mon Nov 27 09:21:31 CET 2017
Am 24.11.2017 um 17:16 schrieb Ralf Hildebrandt:
> I was testing this with 2.11.0 - went back to 2.10.1 and the expected
> behaviour was restored ( mail from !MYNETS is not being DKIM signed).
Did I understood "your problem right"?
Someone send from a foreign IP a message to your MX on port 25 with a
faked "mail from:<>" and/or "From: "-header to an outgoing recipient and
your AMaVis signed this message with DKIM? right? That sounds very
strange and ugly.
As I noticed, that AMaViS 2.11.0 is only signing mails with "originating
=>1" if I set up AMaVis for both (signing and verifying DKIM), I 'm not
sure if AMaViS is still the best tool for all the ASAV-related stuff on
my mailservers. What 'bout rspamd? Do you thing this could replace AMaViS?
More information about the amavis-users