You are reading a single comment by @Dammit and its replies. Click here to read the full conversation.
  • Just checked my last Uber receipt email.

    They do sign DKIM and it passes but the way they do it means that it won't survive auto-forwarding. They have included the To: field in their DKIM signature which means that when the email is forwarded, the To: field will be changed and when the DKIM check is carried out at the forwarded to mailbox, it will have changed and will cause DKIM to fail.

    So, failed DKIM and failed SPF means that DMARC will also fail. At which point the verifier will enact the Quarantine policy and send the email to the spam folder.

  • Just checked my last Uber receipt email.

    They do sign DKIM and it passes but the way they do it means that it won't survive auto-forwarding. They have included the To: field in their DKIM signature which means that when the email is forwarded, the To: field will be changed and when the DKIM check is carried out at the forwarded to mailbox, it will have changed and will cause DKIM to fail.

    So, failed DKIM and failed SPF means that DMARC will also fail. At which point the verifier will enact the Quarantine policy and send the email to the spam folder.>

About

Avatar for Dammit @Dammit started