[ietf-dkim] list expanders (was Re: chained signatures, was l= summary)
chl at clerew.man.ac.uk
Mon Jun 22 02:51:30 PDT 2009
On Fri, 19 Jun 2009 17:55:57 +0100, Douglas Otis <dotis at mail-abuse.org>
> On Jun 19, 2009, at 4:29 AM, Charles Lindsey wrote:
>> But either way, there is no suspicion that the A-R was added by the
>> spammer, or any other agent prior to the ML site, so no reason to
>> doubt the truth of what it attested (except for Conspiracy Theorists
>> who doubt everything - and the best way to placate Conspiracy
>> Theorists is to give them the evidence that proves their vivid
>> imaginations are wrong - in this case by signing the A-R header).
> It dangerous to consider A-R headers of unknown origins as somehow
> inherently safe......
Inless they are included in a signature.
An A-R record always includes an idication of the domain that purported to
have place it there. If it is signed by that same domain (as would be the
case in the scenarios we are discussing), then more reliance can be placed
on it (depending on your opinion of that signer - but you opinion of the
manager of a mailing list you have subscribed to is likely to be quite
I agree that an unsigned A-R is dubious, but even then if it purports to
have been placed there by a domain which
a) the message has been passed through, and
b) you are prepared to trust to have removed any pre-existing bogus A-R
purporting to have been placed there by that domain
then it should be pretty safe (and this was indeed the case for the
example we were discussing).
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Email: chl at clerew.man.ac.uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
More information about the ietf-dkim