On 6/17/11 1:05 PM, Rolf E. Sonneveld wrote:
after some off-list conversation with Dave he suggested I might want to
send this to the list. I apologize in advance if this message does not
apply to you. I also apologize if you get this message twice, when you
are subscribed to both ietf-dkim and the opendkim list.
The general goal of DKIM was to establish a domain relationship as a
trust basis for acceptance. DKIM was also to allow incremental
deployment without requiring undefined additional filtering performed by
mail transfer or mail user agents. When essential format checks are
skipped, this deficiency allows acceptance based upon DKIM's domain to
be potentially deceptive where its results may play an evil role that
cannot be repaired through the use of reputation.
Free email providers likely use DKIM to take advantage of their "too big
to block" volumes. For these domains, their reputation is understood to
offer little assurance of their overall integrity. Allowing a
pre-pended From header field to not affect the validity of a DKIM
signature, as the specification does, means the UNDERSTOOD source of
a message can NEVER be trusted.
Those that phish by taking advantage of this flaw are unlikely to affect
the acceptance of any exploited high volume domain. DKIM could have
avoided the offering of false assurances by not ignoring illegal header
fields per RFC5322 and defining such messages as resulting in invalid
signatures. At this time, it would be prudent to NOT recommend use of
DKIM due to this and a lack of required Fake A-label detection.
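A defender-side check for the header duplication described above, added here as an example; it is not code from this thread or from any DKIM implementation. It counts RFC 5322 singleton header fields in a raw message and compares them against the h= tag of the DKIM-Signature, flagging any duplicated field the signature does not fully cover. The sample messages and their PLACEHOLDER hash and signature values are constructed, and cryptographic verification of the signature is assumed to happen elsewhere.

```python
import email
from collections import Counter

# RFC 5322 section 3.6 allows at most one instance of each of these fields.
SINGLETON_HEADERS = {"from", "sender", "reply-to", "to", "cc", "bcc", "date",
                     "message-id", "in-reply-to", "references", "subject"}


def parse_h_tag(sig_value):
    """Count the header names listed in the h= tag of a DKIM-Signature value.
    Per RFC 6376 section 5.4.2, a name listed n times signs the last n
    instances; listing it once more than are present ("oversigning") also
    binds the absence of any further instance."""
    text = "".join(sig_value.split())  # unfold the field and drop whitespace
    for tag in text.split(";"):
        if tag.startswith("h="):
            return Counter(n.lower() for n in tag[2:].split(":") if n)
    return Counter()


def unsigned_duplicates(raw_message):
    """Return {header: (instances present, instances signed)} for every
    singleton header that occurs more than once and is not fully covered
    by the first DKIM-Signature's h= tag. A non-empty result means an
    extra copy could have been prepended without invalidating the signature.
    Cryptographic verification of b= is assumed to be done separately."""
    msg = email.message_from_bytes(raw_message)
    present = Counter(name.lower() for name, _ in msg.items())
    sigs = msg.get_all("DKIM-Signature") or []
    signed = parse_h_tag(sigs[0]) if sigs else Counter()
    return {name: (present[name], signed[name]) for name in sorted(SINGLETON_HEADERS)
            if present[name] > 1 and signed[name] < present[name]}


# Constructed sample: a second From field sits above a signature whose h= tag
# lists "from" only once, so the signature still verifies over the lower copy.
WEAK = (b"From: Display Name <someone-else@other.example>\r\n"
        b"DKIM-Signature: v=1; a=rsa-sha256; d=freemail.example; s=sel;\r\n"
        b"\th=from:to:subject:date; bh=PLACEHOLDER; b=PLACEHOLDER\r\n"
        b"From: Real Sender <user@freemail.example>\r\n"
        b"To: recipient@example.net\r\n"
        b"Subject: test\r\n"
        b"Date: Fri, 17 Jun 2011 13:05:00 -0700\r\n"
        b"\r\nbody\r\n")
# Same message with an oversigned From, as RFC 6376 section 8.15 recommends.
OVERSIGNED = WEAK.replace(b"h=from:to", b"h=from:from:to")

if __name__ == "__main__":
    print(unsigned_duplicates(WEAK))        # {'from': (2, 1)}
    print(unsigned_duplicates(OVERSIGNED))  # {}
```

A verifier that rejects messages with a non-empty result, or that treats them as unsigned, applies the "essential format check" the post says DKIM itself skips.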