[ietf-dkim] draft-ietf-dkim-mailinglists-02 review
dotis at mail-abuse.org
Tue Sep 14 05:15:12 PDT 2010
On 9/14/10 2:36 AM, Ian Eiloart wrote:
> --On 13 September 2010 21:18:41 -0400 "John R. Levine"<johnl at iecc.com>
>> > The final version said
>> > if a message arrives without a valid Author Domain Signature due to
>> > modification in transit, submission via a path without access to a
>> > signing key, or any other reason, the domain encourages the
>> > to discard it.
>> > I think it's a reasonable interpretation to say that if you expect your
>> > list software might break the signature, you're doing the sender a favor
>> > by pre-discarding it since that's what the recipients should do anyway.
> Absolutely not. The condition doesn't apply when you receive the message,
> so the signer is NOT encouraging you to discard it, and the general rules
> apply: you should deliver the message or notify the sender (or the sending
> It may be that the message can be bounced, with a non delivery
> notification. For example, if the return path matches the content of a
> signed header, and they're both in the domain of the signer, then you're
> probably not issuing collateral spam. If you are issuing collateral spam in
> this instance, then the fault probably lies with the controller of the
> sender domain (for allowing intra-domain spoofing).
> If the MLM owner knowingly breaks a signature, and either discards the
> message or forwards it into a system that is likely to discard it, and do
> not notify the sender, then the forwarder must be responsible for any harm
> done. They really should reject such messages.
More information about the ietf-dkim