ietf-dkim

RE: [ietf-dkim] New Issue: 4.2 needs new Attack Item: InconsistentSignature vs Policy Attacks

2006-01-31 09:36:39
Direct attacks would be bad actor attempts to exploit compliant
DKIM/SSP systems. Indirect attacks would be bad actors' attempts to
exploit non-compliant DKIM/SSP and rely on "social engineering"
exploits. With indirect attacks, bad actors will not emphasize
protocol correctness.

These attacks can be detected if the SSP is checked against the domain
whether the message is signed or not.  This will lower the risk, the
uncertainty of bad attack exploits and hence, lower the impact of
these high probability attacks.
  
Sorry, I'm not following this either.  It seems the threat has to do
with receipt of signed messages when none should be expected.  But
isn't this addressed simply by not publishing any key records?

If I do not publish any key records and a bad actor whips up an email
purported to be from me with a fake signature attached, a non-DKIM-
compliant MTA may have a rule that states "signed messages are probably
okay" that might bypass some spam checking software. Before DKIM is
fully adopted/deployed expect to see this happen.

Thanks,

Bill Oxley 
Messaging Engineer 
Cox Communications, Inc. 
Alpharetta GA 
404-847-6397 
bill(_dot_)oxley(_at_)cox(_dot_)com 


_______________________________________________
ietf-dkim mailing list
http://dkim.org
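
The scenario discussed in this thread, as an added example that is not part of the original messages: a receiver rule that trusts any signature header, next to a triage step that counts a signature only when its key record exists and consults the sending domain's policy either way. The domains, the `KEY_RECORDS` and `SIGNS_ALL` tables (stand-ins for DNS lookups), the result labels and the sample messages are all constructed assumptions.

```python
import email
from email import policy as email_policy

# Constructed stand-ins for DNS lookups (assumptions, not real records):
# example.com publishes one selector key and says it signs all mail;
# example.org publishes no key records at all.
KEY_RECORDS = {"sel1._domainkey.example.com": "v=DKIM1; k=rsa; p=PLACEHOLDER"}
SIGNS_ALL = {"example.com"}

def load(raw):
    return email.message_from_string(raw, policy=email_policy.default)

def parse_tags(value):
    """Split a DKIM-Signature value into its tag=value pairs."""
    pairs = (p.split("=", 1) for p in value.split(";") if "=" in p)
    return {k.strip(): "".join(v.split()) for k, v in pairs}

def naive_rule(msg):
    """The rule from the post: a signature header alone relaxes filtering."""
    return "skip-spam-checks" if msg["DKIM-Signature"] else "full-checks"

def triage(msg):
    """Count a signature only if its key record exists; check policy either way."""
    from_domain = msg["From"].addresses[0].domain.lower()
    tags = parse_tags(str(msg["DKIM-Signature"] or ""))
    key_name = f"{tags.get('s', '')}._domainkey.{tags.get('d', '')}".lower()
    if key_name in KEY_RECORDS:
        return "verify-signature"  # cryptographic check comes next (not shown)
    # No key record: the header earns nothing, the message is effectively unsigned.
    return "suspicious" if from_domain in SIGNS_ALL else "full-checks"

# Constructed sample messages carrying a made-up signature header.
SIG = "DKIM-Signature: v=1; a=rsa-sha256; d={d}; s={s}; bh=AAAA; b=BBBB\n"

def sample(domain, selector):
    return load(SIG.format(d=domain, s=selector)
                + f"From: bill@{domain}\nSubject: test\n\nbody\n")

if __name__ == "__main__":
    for d, s in [("example.org", "fake"), ("example.com", "fake"),
                 ("example.com", "sel1")]:
        m = sample(d, s)
        print(d, s, naive_rule(m), triage(m))
```

A message that reaches `verify-signature` still has to pass the actual signature check before it earns any trust; this block covers only the key-record and policy lookup the thread is about.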