Top Deliverability’s Blog
Spam Resource: ICYMI: Understanding DKIM Replay Attacks
Al Iverson just published a new insightful article on Spam Resource:
My friends at the Certified Senders Alliance put on a fantastic (if I do say so myself) webinar this week, where Sebastian Kluth (CSA), Fredrik Poller (Halon) and yours truly (Al Iverson) shared our thoughts and understanding about DKIM Replay Attacks. If you missed it, never fear! I’ve got a recap and recording for you below. An Overview of DKIM Replay: Email forwarding with malicious intent A DKIM replay attack involves taking an already sent message and re-injecting it via SMTP to new recipients. Often, lots of recipients. Bad guys utilize a loophole in the concept of DKIM authentication in that DKIM was meant to allow for email forwarding without failing authentication, so authentication signatures are based on the domain, content and headers, without any consideration for what server (or what IP address) transmitted that email message. Authentication is effectively divorced from infrastructure and encased entirely with the email message
Continued here: ICYMI: Understanding DKIM Replay Attacks
The most comprehensive “Handbook of Email Service Providers“!
All SpamAssassin rules in one place, EXPLAINED!
All SMTP/ESMTP commands and reply codes in one place, EXPLAINED!
Check the DNS records of your domain with our free DNS tool.
The most comprehensive Email Deliverability and Marketing Glossary!