[ietf-dkim] Change to Section 6
dotis at mail-abuse.org
Sun Jan 21 00:14:34 PST 2007
On Sat, 2007-01-20 at 13:17 -0500, John L wrote:
> > Why strengthen a bad statement that attempts to declare DKIM is to be
> > done only at the MTA?
> Nobody's made such a statement. I don't understand the point of spending
> the group's time arguing about a straw man.
I do not agree at all.
[In particular, deferring verification until the message is accessed by
the end user is discouraged.]
Removing unnecessary language in this statement leaves:
"In particular, verification by the end user is discouraged."
Any verification at the MUA would be deferred in comparison to being
done within the SMTP session. The MUA is where end-user verification
would occur, and any verification not made within the SMTP session MUST
be considered deferred.
Most recipients will not fetch graphical images referenced by messages
from unknown originators to prevent leaking information and to prevent
DDoS exploits. It is not safe to assume DKIM verification should be
done at the MTA for every message. Such a strategy would clearly
indicate which clients succeed in getting past initial screening
defending DKIM verification and allows for DDoS exploits.
Something like a DAC list can serve as a prerequisite for DKIM
verification at the MTA. Being on a trusted list is perhaps the _only_
safe instance where DKIM verification should occur at the MTA. When
done in this limited fashion, DKIM can be used to avoid identifying
messages as spam due to their volume, or avoid identifying messages as a
phishing attempt. DKIM prevents false positive rejection of trusted
sources for more stringent filtering.
All messages, whether verified by the MTA or not, SHOULD be verified at
the MUA when applying annotations. Verification at the MTA or MUA
SHOULD be limited to messages containing trusted originators. Security
is improved when not verifying messages having an unknown or untrusted
It is unreasonable to expect that DKIM is useful for rejecting spam.
DKIM provides a safe basis for annotation that ensures a message is from
a trusted source, and DKIM minimizes false positive filtering. The
erroneous concept that DKIM provides a basis for rejection is likely the
_only_ justification that could be used to support the very bad
statement added in the latest draft.
More information about the ietf-dkim