[ietf-dkim] Use of "sender" in -base
Eric Allman
eric+dkim at sendmail.org
Thu Jun 22 10:04:48 PDT 2006
--On June 21, 2006 11:05:55 PM -0400 Tony Hansen <tony at att.com> wrote:
> I have an issue with one item, below.
>
> Eric Allman wrote:
>>>> B.6 Third-party Message Transmission
...
>> Rewritten to:
>>
>> One way this can be handled is to continue to put the
>> reader's email address in the From header field of the
>> message, but put an address owned by the site into the
>> Sender header field, and sign the message on behalf of that
>> address. A verifying MTA should accept this and rewrite the
>> From header field to indicate the address that was
>> verified, i.e., From: John Doe via news at news-site.com
>> <jdoe at example.com>.
>
> Two points here:
>
> * Such rewriting MUST be done *after* the verification pass has
> been performed. (Obviously it can't be done before, unless the
> From: header is not in the h= field list.)
>
> * Once such rewriting is done, this message will never re-verify
> again. This would *prevent* a subsequent entity, such as the MUA,
> from doing its own verification. It would be nice if there were
> some way of preserving the original From: contents if
> reverification is necessary so that any such rewriting can be
> reversed for the reverification.
Reasonable points. I've changed "should" to "could", and added
"(However, such rewriting must be done after the verification pass is
complete, and will break any later attempts to re-verify.)"
Does this work for you?
eric
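
The two points discussed in this message, as an added example that is not part of the original post or of any DKIM implementation: rewriting a From field that is listed in h= changes the hashed header data, and keeping the original value lets a later verifier reverse the rewrite. The `X-Original-From` field name, the helper names and the sample message are assumptions made for illustration, and a SHA-256 digest stands in for the full signature check.

```python
import hashlib
import re

def relaxed_header(name, value):
    """DKIM 'relaxed' header canonicalization of one field."""
    value = re.sub(r"\r?\n(?=[ \t])", "", value)    # unfold continuation lines
    value = re.sub(r"[ \t]+", " ", value).strip()   # collapse and trim whitespace
    return f"{name.strip().lower()}:{value}\r\n"

def signed_header_digest(headers, h_list):
    """SHA-256 over the fields named in h=, in h= order.
    Simplification: real DKIM also hashes the DKIM-Signature field and
    signs the result; the digest stands in for the signature input."""
    pool = {}
    for name, value in headers:
        pool.setdefault(name.lower(), []).append(value)
    md = hashlib.sha256()
    for name in h_list:
        if pool.get(name.lower()):
            # repeated names in h= consume instances from the bottom up
            md.update(relaxed_header(name, pool[name.lower()].pop()).encode())
    return md.hexdigest()

def rewrite_from(headers, signer):
    """Post-verification rewrite; keeps the original value in the
    hypothetical X-Original-From field. Assumes 'Name <addr>' form."""
    out = []
    for name, value in headers:
        if name.lower() == "from":
            display, _, addr = value.rpartition("<")
            out.append(("X-Original-From", value))
            value = f"{display.strip()} via {signer} <{addr}"
        out.append((name, value))
    return out

def restore_from(headers):
    """Undo rewrite_from so the signed From value is hashed again."""
    saved = [v for n, v in headers if n.lower() == "x-original-from"]
    return [(n, saved[0] if saved and n.lower() == "from" else v)
            for n, v in headers if n.lower() != "x-original-from"]

# Constructed sample message headers (not from the thread).
MSG = [("From", "John Doe <jdoe@example.com>"),
       ("Sender", "news@news-site.com"),
       ("Subject", "Article you might like")]
H = ["from", "sender", "subject"]
```

Comparing `signed_header_digest(rewrite_from(MSG, "news@news-site.com"), H)` with `signed_header_digest(MSG, H)` shows the mismatch a re-verifying MUA would hit; running `restore_from` first makes the digests equal again.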