[ietf-dkim] A more fundamental SSP axiom
Michael Thomas
mike at mtcc.com
Fri Aug 4 17:26:49 PDT 2006
Arvel Hathcock wrote:
>>If a signer wants to take that risk, isn't that for them to decide?
>>
>>
>
>Precisely.
>
>
>
>>Also, if the usual strategy of a verifier is to bounce (or be
>>encouraged to bounce) the offending email, a "I sign all" sender will
>>almost always know about delivery failures of originally signed
>>traffic and be able to act accordingly.
>>
>>
So if I set a policy of "I sign all", and a mailing list mangles it,
what exactly
is the mailing list receiving the bounce going to do? Blackhole it? Bounce
the user off the list? Anything useful whatsoever?
>
>Right. I don't see a big reason to worry with this at all. There are all sorts of reasons SMTP might bounce a message back as it is.
>
>
That makes the assumption that it gets bounced at all. Lots of things just
silently discard things they don't like these days. Not that there's
anything
useful that a mangler is likely to be able to do in any case.
Mike
More information about the ietf-dkim
mailing list