[ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs
Murray S. Kucherawy
msk at cloudmark.com
Mon Sep 27 14:41:32 PDT 2010
> -----Original Message-----
> From: ietf-dkim-bounces at mipassoc.org [mailto:ietf-dkim-bounces at mipassoc.org] On Behalf Of Dave CROCKER
> Sent: Monday, September 27, 2010 11:40 AM
> To: DKIM List
> Subject: Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs
> It's been a significant revelation, for me, to realize how common it is
> for DKIM
> processing to occur during the SMTP session.
I think, as Mark points out, this is often an artifact of the constraints of the existing environment (in our case, the architecture of milter) rather than a decision that doing so during the SMTP session is obviously the right way to do it.
That said, there's a lot of agreement that filtering during SMTP is better than accept-and-then-deal-with-it approaches. (cf. RFC5451, Appendix C) Unfortunately post-DATA rejection is the only way that can be done, short of changes to SMTP in the way of yet another extension that wouldn't receive wide adoption in the short term anyway.
> So SMTP issues reduce to finding ways of preventing the cross-net
> transfer of
> data or even of preventing the SMTP session. Oddly, I think the latter
> is more
> feasible than the former.
This is probably one of the main reasons SPF remains in widespread use. That no workable envelope-level DKIM equivalent has materialized to date is unfortunate.
More information about the ietf-dkim