|
|
|
|
|
|
by pacija
998 days ago
|
|
|
SPF says which IP adresses are authorized to send email for a domain. DKIM should increase confidence that email is sent by authorized service on servers with those IP addresses (eg. Postfix) as opposed to unauthorized ones (eg. telnet). Finally, DMARC instructs receiving servers how to act on receiving email for a domain regarding validity of SPF and DKIM. It is up to receiving servers to respect this instruction or not. None of the above has anything to do with particular email message authenticity. Mechanisms for email authenticity, or additionally confidentiality, are S/MIME and PGP, where user controls the key, and it is up to them to make sure it doesn't leak. I am providing email service to close to thousand users on dozens of domains over the course of fifteen years. The article does not make much sense to me from either postmaster's or mail user's point of view. |
|
|
Only if you're on a shared email hoster. If you're the only one that has access to the mail server's signing keys, it's gonna be real hard to convince anyone that someone else signed that email.