[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 343
  • Last Modified:

What should be done with incoming emails that fail DKIM verification?

Is it wrong to block emails that fail DKIM verification?
0
robw24
Asked:
robw24
  • 2
1 Solution
 
souseranCommented:
See this DKIM FAQ:

DKIM Frequently Asked Questions

http://dkim.org/info/dkim-faq.html

I'd say that automatically failing them will only guarantee the delivery of messages that are sent by DKIM participants. That is by no means every legitimate email user who may want to send you email.
0
 
robw24Author Commented:
Sorry, I don't think I understand what you mean. If you mean that by blocking emails that fail DKIM verification will block legitimate emails that do not use DKIM, then that is absolutely false. If an incoming email is not signed (not using DKIM) then it is impossible to fail DKIM verification. Only emails that implement DKIM (are digitally signed) have DKIM verification performed. Thus if DKIM verification is not performed then it cannot fail. My question is that if an incoming email USES DKIM SIGNING and subsequently fails DKIM verification then should it be blocked.
0
 
souseranCommented:
Sorry. You are correct.

With DKIM a message might fail verification when a sender only signs *some* messages rather than *all* messages.

Since DKIM only defines a signature as taking responsibility for a message and does not make any assertion of correctness of the From: header field, I wouldn't recommend automatically rejecting all messages that fail out of hand.

Better to mark them as Suspicious and verify their legitimacy first. Kinda like quarantining suspected SPAM.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now