Tag Archives: dkim

Protecting domains from spammers

Spammers quite often ‘spoof’, or fake, the from address of an email.

As a result of this, many unsuspecting domain owners are being ‘blamed’ for spam that appears to come from their domain.

Fortunately, there is a relatively easy way to protect your domain from this: Publish DMARC policies.

If you are publishing SPF records and signing your email with DKIM, you can publish DMARC policies that tell receiving mail servers what do with emails that don’t align with the SPF and DKIM information.

SPF policies are DNS records that indicate what mail servers your mail is sent from.

DKIM is a way to add digital signatures to your email so that receiving mail servers can verify it was sent from an authorized source and that it wasn’t modified in transit.

Now what if you have a domain that you NEVER send email from?

Protecting those domains from being used in spam is even easier.

Continue reading

DKIM Rule – SpamAssassin

I put together a new SpamAssassin rule that will help identify spam from spoofed email addresses.

Some email providers always sign email with DKIM or DomainKeys … based on this assumption, if you get a message from one of those domains and it isn’t signed, you can assume its more likely to be spam.

This particular rule operates on the assumption that all mail from Yahoo & Gmail will be signed.  It does not, however, raise the score a huge amount … because it’s just more LIKELY to be spam if it’s not signed … it’s not guaranteed to be spam. Some people may use the Yahoo or Gmail account’s in the from address, but not actually send from that service.
Continue reading