Hi,
I'm doing some research for a paper on SPF, DKIM and other sender
authentication measurements.
I'm a bit puzzled about a fact on:
http://en.wikipedia.org/wiki/DomainKeys, and would appriceate if someone
could comment this:
"With DomainKeys, the absence of a verifiable digital signature header
in an E-mail purporting to be from a domain which has a DomainKeys DNS
record may indicate that that E-mail is a forgery. Thus, E-mails may be
divided into three classes:
* valid DomainKey signature: authentic
* invalid or missing DomainKey signature for a domain with the DNS
record: usually forged
* no DNS record or header: unknown status"
As I have understood it, you can not really find the
DomainKey-DNS-record unless you know the selector, which you do not
really unless you have a domainKey signature. Is this correct or have I
misinterpreted the drafts?
Best Regards,
Stefan Görling
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html