On Fri, 7 Nov 2008 16:09:22 -0800 Douglas Otis
I think it's worth pointing out when considering how much to worry about
Doug's latest "SPF will melt the Internet" theory that shared MTA concerns
are directly addressed in the RFC 4408 security considerations. This is
nothing new that wasn't carefully considered during the protocol design.
I think it's reasonable to assume that implementers pay attention to RFC
security considerations. I think there are plenty of protocols that would
have security holes if their security considerations were ignored.
If a DKIM signing shared MTA were to sign a message sent by somone not
authorized to use the domain, the exact some situation arises.
NOTE WELL: This list operates according to