[ietf-dkim] Re: New Issue: 4.2 needs new Attack Item:
InconsistentSignature vs Policy Attacks
nobody at xyzzy.claranet.de
Tue Jan 31 12:53:46 PST 2006
John Levine wrote:
> How long did it take people to realize that the majority
> of mail that passes SPF is spam?
Is that already so ? I've expected that much later in the
game for SPF and DKIM. And of course also for PRA and CSV.
Whatever "PASS" from unknown strangers is a waste of time,
without white list it's useless. For the "threats" draft
we mainly need the case "PASS from a white-listed source",
and Jim has this as 4.1.16 (among others): HIGH + MEDIUM.
More information about the ietf-dkim