[ietf-dkim] That weird i= is most probably EDSP

Michael Deutschmann michael at talamasca.ocis.net
Tue Jul 2 08:37:20 PDT 2013


On Tue, 2 Jul 2013, Alessandro Vesely wrote:
> (subject adjusted)
>
> A sender using SRS would need to maintain a database of valid addresses.
> [...] That's where EDSP can save the day.

That's off in the weeds.  EDSP would not take any notice of i=, and is
not there to enhance SRS -- rather it's something of a competitor.  (Both
try to make return path validation work in spite of forwarding.)

I'll note however that nothing done in the body or headers can bypass the
length limits on VERPing (SRS being a subset).  The whole reason VERPing
is popular is because no one can count on a bounce message being in a
standard format.  You might get no recoverable information about what was
*in* the failed message, but the MAIL FROM: is guaranteed to come back to
you verbatim as the envelope RCPT TO: of the bounce.

I just mentioned SRS as an innocent example of a message being relayed
with verbatim body and headers but an altered envelope sender.  And while
that case could result in couple hundred bytes of wasted space in the
header, it won't cause false-positives or false-negatives.  So it's not
worth losing sleep over.

> It has to be in the message content for DKIM to be applicable.

Core DKIM is only tasked with determining if a signature is genuine, not
if the signature is relevant.   Therefore it doesn't matter if part of the
information EDSP uses to determine relevancy is out of band.

---- Michael Deutschmann <michael at talamasca.ocis.net>


More information about the ietf-dkim mailing list