On Jul 7, 2007, at 10:55 AM, Dave Crocker wrote:
Michael Thomas wrote:
An interesting side effect is that it would also suppress bounce
messages from mailing lists, even if they resigned. I'm not sure
if this is a feature or a bug.
I think that that will depend entirely on the way the SSP record is
defined, much like the constraints on rfc2821.From values that are
So, yeah, if the SSP associated with the MailFrom says
"rfc2821.MailFrom" must match a DKIM signature, or somesuch, then a
mailing list that inserts its own MailFrom, without adding its own
signature, could break bounces.
What is lacking is a defined strategy to deal with possible replay
abuse. It could be assumed a signing domain has some strategy to
handle replay abuse originating within their own domain. This replay
abuse can result from MailFrom bounces, or from forwarded messages.
Traffic from mailing lists will require exceptional handling,
especially when the message signature has not been invalidated.
BATV will not help when a message passes through a mailing list.
BATV must also restrict where messages are allowed to originate to
those outbound servers sharing the encoding secret.
Avoiding the initiation of a bounce independent of whether some email-
address matches that of the MailFrom, would be to note whether the
SMTP client was within the signing domain. When the SMTP client is
within the signing domain, the chance of a message being a replay
diminishes greatly. This would not require any email-address
contained within the message to match that of the signing domain.
NOTE WELL: This list operates according to