[ietf-dkim] Are subdomains like parent domains?
J D Falk
jdfalk at returnpath.net
Tue Apr 29 12:00:33 PDT 2008
Al asked:
> OK, let's assume ADSP has no "tree walking" or "subzone inheritance"
> feature. A sender is sending legitimate mails with
> customercare.bigbank.com with DKIM and an ADSP policy. If a phisher
> sends mail with a PRA of customer-care.bigbank.com, that would not be
> signed, and it would not fall under any ADSP policy.
>
> In your perfect world, as an imaginary receiver, how would you discern
> between the two sets of messages?
That's easy: any string comparison will tell you that
customercare.bigbank.com != customer-care.bigbank.com. So, assuming no
treewalking assumption in my reputation system, they'd each have
entirely separate reputations.
But reputation is never based solely on one tiny bit of information --
I'd also check to see if the domain exists. If it doesn't, that would
very likely result in rejection before even getting to any reputation
algorithm.
More information about the ietf-dkim
mailing list