[ietf-dkim] Signalling DKIM support before DATA

Douglas Otis dotis at mail-abuse.org
Tue Aug 8 12:55:32 PDT 2006


On Aug 8, 2006, at 12:25 PM, J.D. Falk wrote:

> On 2006-08-08 11:43, Scott Kitterman wrote:
>
>>> Sounds like false hope to me; as a big receiver, I can't imagine that
>>> I'd ever want to blindly trust assertions made by an unknown sender.
>> As both you and John L point out, this is a big issue.  That's why  
>> I was thinking about it being something in DNS related to the  
>> policy record so that it would be at least slightly harder to lie  
>> about it.  It's also why I started with IF...  I recognized that  
>> if it can be trivially spoofed, then there's no reason to do it.
>
> We can accomplish that much without any changes to SMTP:
>
> - SMTP conversation happens as per usual
> - receiver looks up MAIL FROM domain, checks SSP
> - receiver decides whether to accept the message and check the  
> signature, or reject based on non-DKIM-related criteria
>
> Or am I missing something?

By SSP you mean the First-Party-Policy.  A check subsequent to  
receiving the entire message could verify there is an association  
between the First-Party-Address and the Signing-Domain, but this is  
not assured to match the MAIL_FROM.  This implies that MAIL_FROM will  
always have the same domain as that of the Signing-Domain.  A
separate MAIL_FROM policy could avoid this constraint.  A MAIL_FROM  
policy would offer greater value when it corresponds to the SMTP  
client issuing the message rather than the signing domain.

Imagine a message signed by your domain is replayed from a system  
controlled by a bad actor.  How is this detected?  A MAIL_FROM policy  
could confirm there is a relationship with that of the client before  
the message is accepted.  Authenticating the client allows policy  
(relationships) to be established between both the MAIL_FROM and the  
Signing_Domain.

-Doug