-----Original Message-----
From: owner-ietf-822(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-822(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Douglas
Otis
Sent: Tuesday, November 30, 2010 11:11 AM
To: Martijn Grooten
Cc: ietf-822(_at_)imc(_dot_)org
Subject: Re: New Version Notification for draft-kucherawy-mta-malformed-00
DKIM should be repaired to ensure deceptive malformed header fields do
not verify as having valid DKIM signatures to prevent the exploits, such
as having multiple singleton header fields invalidate signatures. DKIM
should have included checks necessary to disqualify messages likely
crafted by malefactors. These checks may need to grow over time. The
impact of adding checks to DKIM's verification process will not justify
new mandates for making message repairs or rejections by SMTP or MUAs.
[...]
I think this is completely off-topic for the work being discussed here, Doug.
The discussion has to do with what MTAs, and perhaps MUAs if that's
appropriate, should do with common malformations independent of things like
DKIM.