On Sep 12, 2005, at 11:58 AM, Hallam-Baker, Phillip wrote:
Replay is an issue in the application of DKIM to real world problems.
This problem can impact virtually any domain signing messages. It
will be a greater problem for providers that offer free mailboxes, as
well as access providers that also offer outbound email services,
largely due to the prevalence of compromised systems and networks.
This could also be a problem for those that send bulk emails, when
someone wishes to damage their reputation. These groups perhaps
represent the majority of the email being exchanged.

Clearly there must be an answer to the replay issue, but it does not
follow that this must be developed in MASS.

I have attempted to clarify how DKIM can be structured to handle this
problem with a minimal overhead, even without the use of HELO
verification. HELO verification would be instrumental for defending

The replay issue only really affects Web Mail hosts; there may be
something of an effect for some ISPs, but I doubt it. In either case,
controls to prevent bulk enrollment are likely to provide a sufficient
first line of defense.

Once a signature becomes a basis for accepting email, then rate-
limiting techniques do not offer any protection. A miscreant only
needs to send themselves the initial messages, where these can be
"replayed" from other sources in any amount. Without a means to
prevent this scenario, the domain signature will offer significantly
less value as a basis for message acceptance.
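The scenario in this reply, as an added illustration that is not part of the thread: a simplified DKIM-style signer (an HMAC stands in for the real RSA signature, and the canonicalization is reduced to a few header fields plus a body hash) shows why a message signed once and sent to the miscreant's own mailbox still verifies when resent to any number of other envelope recipients, since the SMTP envelope is never covered. The `ReplayMonitor` is an assumed receiver-side check, not something proposed on the list: it counts how often the same signed body (d= plus bh=) arrives and flags the flood.

```python
import base64
import hashlib
import hmac
from collections import Counter

# Constructed stand-in for the signing domain's private key; real DKIM uses RSA or Ed25519.
SIGNING_KEY = b"example.com signing key (constructed)"

def _signed_input(headers, body):
    # Only the listed header fields and the body hash are covered.  The SMTP
    # envelope (MAIL FROM / RCPT TO) is never part of the signed input.
    bh = base64.b64encode(hashlib.sha256(body).digest()).decode()
    covered = "\n".join(f"{h}:{headers[h]}" for h in ("from", "to", "subject"))
    return bh, (covered + "\n" + bh).encode()

def sign(headers, body, domain="example.com"):
    bh, data = _signed_input(headers, body)
    b = hmac.new(SIGNING_KEY, data, hashlib.sha256).hexdigest()
    return {"d": domain, "h": "from:to:subject", "bh": bh, "b": b}

def verify(headers, body, dkim):
    _, data = _signed_input(headers, body)
    expected = hmac.new(SIGNING_KEY, data, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, dkim["b"])

def deliver(headers, body, dkim, envelope_rcpt):
    # A receiver that accepts purely on a valid signature.  envelope_rcpt plays
    # no role in verification, which is exactly why a replayed copy is accepted.
    return verify(headers, body, dkim)

class ReplayMonitor:
    """Assumed receiver-side check: count deliveries carrying the same (d=, bh=).
    Many copies of one signed body arriving for different recipients is the
    replay pattern the signature itself cannot detect."""
    def __init__(self, threshold):
        self.threshold = threshold
        self.seen = Counter()

    def record(self, dkim):
        key = (dkim["d"], dkim["bh"])
        self.seen[key] += 1
        return self.seen[key] > self.threshold  # True once the same signed body floods in

def replay_demo(n_replays=5, threshold=2):
    headers = {"from": "user@example.com", "to": "user@example.com", "subject": "hi"}
    body = b"constructed body\r\n"
    dkim = sign(headers, body)  # signed once, addressed to the signer's own mailbox
    accepted = [deliver(headers, body, dkim, f"recipient{i}@other.example") for i in range(n_replays)]
    monitor = ReplayMonitor(threshold)
    flagged = [monitor.record(dkim) for _ in range(n_replays)]
    return all(accepted), flagged
```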
ietf-dkim mailing list