[ietf-dkim] ADSP takes DNS down, film at 11

[Frank Ellermann]

MH Michael Hammer (5304) wrote:

>> Bad actors pick whatever PRA, 2822-From, HELO, or MAIL FROM
>> suits them.  It's the job of v=spf1, spf2.0/pra, or ADSP to
>> defeat that.
 
> And spf2.0/pra fails to do that. The requirement to set PRA
> to the sender field if a proper one exists bypasses the SPF
> record intentions of the domain represented in the RFC2822
> From field email address.

They picked "Sender ID" as name for their idea, originally it
was "Caller ID", but never "Author Domain ID".  In a certain
sense RFC 4407 is compatible with 2822(upd) Resent-*, and it
protects a Purportable Responsilbe Address, not the author(s).

> It is rather trivial to game PRA to get a neutral for any
> particular piece of "bad" email. 

Yes, and it won't surprise you that I don't like spf2.0/pra,
putting it very mildly.  But two proposals to remove Resent-*
from the picture got no traction in the 2822upd discussions.

> But what does this have to do with DKIM and ADSP other
> than the suggestion at an earlier point in the process to
> use the sender field?

Better ask Doug.  I can see Resent-* as obstacle, PRA took it
as given, ADSP ignores it, RFC 5016 section 4.3 mentions it.

 Frank