[dkim-dev] DomainKeys vs DKIM: Identifying the Sending Domain
Douglas Otis
dotis at mail-abuse.org
Fri May 4 17:07:01 PDT 2007
On May 4, 2007, at 4:44 PM, Murray S. Kucherawy wrote:
> DKIM renders difficult the spoofing of domain names on e-mail.
> What you're talking about is preventing spoofing even of local-
> parts. While it can't hurt to have such a capability, I don't find
> its absence to be much of a showstopper either.
DKIM permits other domains to be visible, which greatly reduces
expectations that spoofing became difficult.
DKIM must work in conjunction with information obtained out-of-band
of the DKIM validation process. This could be in the form history,
perhaps as determined by a user's MUA and interactions placing email-
addresses into their "trusted email-addresses" category. This could
be in the form of anti-phishing filters. Be careful about hand-
waving issues regarding the communication of an email's DKIM status.
Annotations placed upon just any complaint message represents a very
dangerous double-edge sword.
-Doug
More information about the dkim-dev
mailing list