[ietf-dkim] detecting header mutations after signing
Wietse Venema
wietse at porcupine.org
Tue Oct 19 06:18:45 PDT 2010
John Levine:
> >There's a strong correlation between badly structured emails (SMTP,
> >MIME, HTML) and email that the recipient doesn't want to see.
>
> You're right, but I think that's largely orthogonal to DKIM. If a
> message has a good signature from a credible signer, I expect I'd want
> to show it to the user even if it had structure problems. I'd like to
> make the trust model as simple as possible, preferably
>
> good signature -> good message

I agree with John's earlier message that to make DKIM useful for
automated whitelisting, we end up with something slightly more
complicated:

    valid signature + good signer
    + no suspicious unsigned content -> good message

My preference would be to enforce this within the existing protocol
(that is: send h=from:from:subject:subject...), but I could live
with hard-coded checks for unsigned single-instance RFC 5322 and
MIME headers (that is: no DKIM PASS for unsigned "extra" From,
Subject, MIME-Version, Content-type, etc. headers).

Wietse
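
The hard-coded check described in the message above, sketched as an added example that is not part of the original post or of any DKIM implementation. It assumes the signature has already verified and the h= value has been extracted from the DKIM-Signature header; the function names and the header list are illustrative.

```python
from email import message_from_string

# Headers that RFC 5322 / MIME allow at most once: the ones named in the
# message above plus a few more from RFC 5322 section 3.6 (assumed list).
SINGLE_INSTANCE = {"from", "subject", "mime-version", "content-type",
                   "to", "cc", "date", "sender", "reply-to", "message-id"}

def signed_instances(header_names, h_tag):
    """Match h= entries to header positions, bottom-up (RFC 6376, 5.4.2).

    Returns (covered positions, names whose h= entry matched no header).
    An unmatched entry signs the header's absence, so adding that header
    after signing breaks the signature (the h=from:from:... approach).
    """
    remaining = {}
    for pos, name in enumerate(header_names):
        remaining.setdefault(name.lower(), []).append(pos)
    covered, absent = set(), set()
    for entry in h_tag.split(":"):
        name = entry.strip().lower()
        if remaining.get(name):
            covered.add(remaining[name].pop())  # last unclaimed instance
        else:
            absent.add(name)
    return covered, absent

def unsigned_extras(raw_message, h_tag):
    """List (name, position) of single-instance headers that h= leaves unsigned."""
    names = [k for k, _ in message_from_string(raw_message).items()]
    covered, _ = signed_instances(names, h_tag)
    return [(n, i) for i, n in enumerate(names)
            if n.lower() in SINGLE_INSTANCE and i not in covered]

# Constructed sample: the first two headers were prepended after signing.
SAMPLE = """\
From: Injected <someone@other.example>
Subject: Added after signing
From: Real Sender <sender@signer.example>
To: rcpt@example.net
Subject: Original subject
MIME-Version: 1.0
Content-Type: text/plain

body
"""

if __name__ == "__main__":
    # Signer listed each header once: the extras are unsigned, so no PASS.
    print(unsigned_extras(SAMPLE, "from:to:subject:mime-version:content-type"))
```

A non-empty result from unsigned_extras corresponds to "no DKIM PASS" in the second option; a non-empty second value from signed_instances shows which headers the signer protected by listing them more often than they occur.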