[ietf-dkim] Re: ISSUE 1525 -- Restriction to posting by first
Author breaks email semantics
arvel.hathcock at altn.com
Fri Jan 18 08:27:07 PST 2008
hi Jim (and everyone)!
> I'm still missing a suggestion for what we use when the Sender header
> field does not match any of the addresses in the From. Do we then
> revert to First Author? All Authors?
The idea of checking SSP on up to N From: domains is the only suggestion
I've seen so far and I can't think of anything better.
So, if the SSP algorithm returns Suspicious for any one of the domains
found in From: then let that be the final SSP result (in fact, further
SSP checks could be skipped at this point). In other words, if even one
of the domains listed on the From: requires a verifiable signature and
that signature is NOT present then the message is Suspicious even if the
result of SSP for one or more of the other domains is non-Suspicious.
Would this work?
More information about the ietf-dkim