On Jan 24, 2006, at 5:18 PM, Jim Fenton wrote:
Mark Delany wrote:
On Mon, Jan 23, 2006 at 10:18:59PM -0500, Hector Santos allegedly
wrote:
From: "Tony Hansen" <tony(_at_)att(_dot_)com>
I'm tempted to say: if the mailing list is going to do
*anything* to the message other than act as a simple
reflector, it *must* strip out any existing dkim signature.
What it does after that is up to the mailing list.
This would make sense for certain policies. If the processor is
going to
Actually I'm not sure why a list has to do anything in this case.
If a
failed signature is the same as no signature, then the very action of
a mutating list has the effect of "stripping out" any existing
sig. So
why impose extra work on a list? And why not let the natural
course of
existing lists serendipitously "do the right thing"?
This makes sense to me. The main reason I can think of for removing a
previous signature is the effort involved in trying to verify it. But
that's just an optimization.
It's, ah, not unlikely that at least some recipient MTAs will
consider an
invalid DKIM signature as evidence that the email is spam, a virus or
mind control cooties from the little orange martians. That's likely to
reduce deliverability for messages with invalid signatures, or anything
that even looks vaguely like them.
So... regardless of what is decided here I expect some MLMs will
strip out incoming signatures, if doing so will increase their
deliverability
even marginally. That doesn't mean you should mandate doing so,
of course, but don't assume that remailers of various types won't do
so either.
Cheers,
Steve
_______________________________________________
ietf-dkim mailing list
http://dkim.org