On Mar 15, 2006, at 7:58 AM, Michael Thomas wrote:
Dave Crocker wrote:
They don't. They need to be part of the larger
ecosystem here, and they certainly do not have a god-given
right to preserve the From: address and completely change
the content with complete impugnity.
Well, pretty much, they do.
Absent violations of an Internet standard, a mailing list's
software may make whatever changes the operator of the mailing
wants or is willing to tolerate.
With DKIM, they will be in "violation" of an Internet standard insofar
as they corrupt a legitimately signed piece of email, and preserve the
From: address. To a receiver, there is absolutely no difference
between that case and the case that we'd like to guard against,
namely spoofing of From: addresses.
Mailing list software and their operators are perfectly at liberty
to stick their head in the sand, but I'm perfectly at liberty as
a receiver to treat mailing list email the same way that I treat
other likely forgeries.
Treat them as unsigned, you mean?
Cheers,
Steve
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html