[ietf-dkim] Re: Message Replay Abuse and Acceptance of a Signature
nobody at xyzzy.claranet.de
Sun Jan 22 01:25:31 PST 2006
Douglas Otis wrote:
> A Low Administrative Solution Insensitive to High Latency:
> Just as email domains check lists when deciding to receive a
> message, they now also check a list to decide whether to
> sign, or perhaps even send a message.
> With this paradigm, as a best practice, to ensure Company X
> that it is safe for them to send their newsletter, Domain Z
> replaces the incoming signature with an MDA specific
> signature at the edge of their AdmD. An MDA specific
> signature can not be used to resend a message, but still
> allows users of Domain Z to be assured the message is valid,
> and the completed by Domain Z when the message first arrived.
Any sender X arranges something with most of its receiving Zs.
Any receiver Z arranges something with most of its inbound Xs.
Why do they need DKIM for that ? CSV or SPF should be enough.
More information about the ietf-dkim