[ietf-dkim] DKIM signature can mean it's safe to generate bounce?
Scott Kitterman
ietf-dkim at kitterman.com
Sat Jul 7 14:05:48 PDT 2007
On Friday 06 July 2007 20:09, Dave Crocker wrote:
> Folks,
>
> I'm not sure whether this fits into SSP or not, since it does not seem to
> require that a record be published. However...
>
> It seems to me that if a message has a DKIM signature and the signing
> domain matches the domain in the rfc2821.MailFrom command, then it is safe
> to generate a bounce message to that address.
>
> By 'safe' I mean that one can be confident that the mail will not go to an
> unwitting victim of a spoofed address.

victim/domain yes.

> Am I missing something?
>
> d/

I'm sure the protocol police would be out in force as this is a layer
violation, but I expect if limited to the case where 2821 Mail From domain is
the same as the signing domain it would likely be reasonably effective.
SPF Pass would (if available) give you the same or better confidence.
Scott K
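
The check discussed in this thread, written out as an added example that is not part of either message: bounce only when a verified DKIM signature's d= domain is the same as the rfc2821.MailFrom domain, or when SPF returned pass. The function names and the sample header are constructed, and the `verified` flag is assumed to come from a separate DKIM verifier (no cryptographic check is done here).

```python
import re

def dkim_tags(header_value):
    """Parse a DKIM-Signature tag=value list into a dict, dropping folding whitespace."""
    tags = {}
    for part in header_value.split(";"):
        name, sep, value = part.partition("=")
        if sep:
            tags[name.strip()] = re.sub(r"\s+", "", value)
    return tags

def domain_of(mail_from):
    """Lowercased domain of an envelope reverse-path; None for <> or a malformed path."""
    addr = mail_from.strip().strip("<>")
    local, sep, domain = addr.rpartition("@")
    if not sep or not local or not domain:
        return None
    return domain.rstrip(".").lower()

def bounce_is_safe(mail_from, signatures, spf_result=None):
    """signatures: list of (DKIM-Signature header value, verified) pairs.
    'verified' is an assumption: the result reported by a real DKIM verifier."""
    sender_domain = domain_of(mail_from)
    if sender_domain is None:
        return False  # null reverse-path: there is nowhere to bounce to
    if spf_result == "pass":
        return True   # SPF pass authorises the MailFrom domain directly
    for header_value, verified in signatures:
        d = dkim_tags(header_value).get("d", "").rstrip(".").lower()
        # An unverified signature proves nothing; a verified one for a
        # different domain says nothing about the MailFrom address.
        if verified and d == sender_domain:
            return True
    return False

# Constructed sample header value with folding whitespace and placeholder hashes.
SAMPLE_SIG = ("v=1; a=rsa-sha256; d=Example.COM; s=sel1;\r\n"
              "\th=from:to:subject; bh=PLACEHOLDER; b=PLACEHOLDER")

if __name__ == "__main__":
    for sender in ("<alice@example.com>", "<alice@other.example>", "<>"):
        print(sender, bounce_is_safe(sender, [(SAMPLE_SIG, True)]))
```

The comparison is an exact domain match, as in the case described above; a signature for a parent or subdomain of the MailFrom domain is not accepted.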