You are likely to miss quite a bit, depending on your test messages and
the particular sites and MTAs involved.
Well, yeah. That's why I want to get as diverse a set of forwarders
as I can. Wasn't that obvious? Once I get it set up, the plan is to
let people register and then send test messsages which will be
available with the forwarded versions on a web site or something.
[ various screwups ]
Yes, I'm familiar with all of those. The question, as I think I've
said at least three times now, is to look and see how different body
canonicalization schemes fare in practice. We all know that there are
worst cases that break any signature, but our goal is not to reinvent
The DKIM base draft states that verifiers may be (among others) MUAs.
Obviously any MUAs behind MS Exchange servers, Lotus Notes systems, etc.
would be affected by transformations made by such parts of the mail
in which they reside.
You've confirmed that you definitely don't understand the goals of
We know that Exchange and some other MTAs smash messages beyond
recognition. But some MTAs don't. We think that there are an
interesting number of MUAs behind non-smashing MTAs, but we need more
data. The goal is NOT, repeat NOT, to come up with something that
will survive the most hostile MTAs. So you can stop telling us about
them, we know about them, they're not the target. If that were the
goal, the answer would be S/MIME.
Asrg mailing list