ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Not exactly not a threat analysis

2005-08-23 12:03:00
However the submission server cannot trivially include the list of
recipients in the message signature and remain compatible with BCC (which
is one of our requirements).

Sure it can.  Any recipient in the envelope but not in the message header gets
a separate signature.  Easiest thing to do is to sign outgoing traffic rather
than incoming traffic.


This doesn't help for BCC recipients at the same domain.

no, it "just" means that the MTA has to transmit multiple copies of the same message to the same SMTP server, differing only in their signature and bcc header field.

Keith
_______________________________________________
ietf-dkim mailing list
http://dkim.org