[ietf-dkim] 1365 yes/no
Douglas Otis
dotis at mail-abuse.org
Wed Feb 28 15:02:06 PST 2007
On Feb 28, 2007, at 2:23 PM, Stephen Farrell wrote:
>
> issue #1365 calls for eliminating requirement
> 6.3.2 which says:
>
> " [PROVISIONAL] The Protocol MUST be able to publish a Practice
> which is indicative that domain doesn't send mail."
>
> If you want to eliminate that requirement say: +1
> If you want to keep that requirement say: -1
-1. Keep.
This feature might help curtail a type of DDoS attack for those that
do not use DKIM and want to prevent traffic generated by spoofed
random keys selectors. Of course the attacker might attempt to use
random sub-domains for the email-address, but bogus email-address
domains would be easier to prevent. Keys can and will be pointing
anywhere without any expectation that key selectors have a direct
relationship with an email-address domain. In other words, key are
always stored in some random location. Sender policy would not.
-Doug
More information about the ietf-dkim
mailing list