[ietf-dkim] DKIM signature can mean it's safe to generate bounce?
Dave Crocker
dhc at dcrocker.net
Fri Jul 6 17:50:06 PDT 2007
Michael Thomas wrote:
>> If the mail is sent by dick at earthlink.net (or a virus on their
>> machine), with an envelope from address of jane at earthlink.net out
>> through the DKIM stamping earthlink smarthost and you generate a
>> bounce, that bounce will go to Jane.
> Sure, but at least it's reduced to an intra-domain problem which earthlink
> has the capacity to remedy.
I probably should have commented on this in my first reply to Steve:
Originating sites are not currently expected to validate return addresses.
The scheme I've suggested means that the return address is, in fact, validated.
How can a potential bounce generator know whether this particular message has
a validated return address? Note that the mere presence of a DKIM signature
does not guarantee this particular validation issue.
That's why the SSP-type record might be necessary.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
More information about the ietf-dkim
mailing list