5.7.5 DKIM unauthenticated mail is prohibited

[zolthar]

Is PMG able to reject and send out such an NDR?

<username@domain.com>: host server.domain.com[111.222.333.444] said: 550
    #5.7.5 DKIM unauthenticated mail is prohibited (in reply to end of DATA
    command)

I have just started seeing these and primarily from Government domains and would like to explore this option. Honestly, if an email server cannot authenticate, more than likely they are spam, OR they are using cheap email solution which will force them to upgrade using a paid service - (sarcasm) go O365/Google go!

Out of the 120k emails per month, there is less than 1% that gets through, however its still enough for me to be concerned should a determined phisher target our domains coupled with excellent social engineering.

What do people think about these?

Is this something PMG can implement or what methods are people using if they are implementing?

 

[Stoiko Ivanov]

have just started seeing these and primarily from Government domains and would like to explore this option. Honestly, if an email server cannot authenticate, more than likely they are spam

In my experience there are still quite a few mails going around which have not DKIM signature - so I'd be cautious of rejecting mail based on missing DKIM.

If you like to have that in PMG - you can try to raise the SpamScore for DKIM related rules in the GUI (Configuration->Spam Detector) wo something very high , and create a rule in your system, which 'BLOCK's mails matching this high score - that with before queue filtering should cause the mail to be rejected (custom 5xx error codes are not supported though)

If you enable this - I would suggest to keep an eye on the logs - and I would expect that you get quite some false postives.

I hope this helps!