william(at)elan.net wrote:
On Wed, 12 Jul 2006, Eric Allman wrote:
For the same reason From: has to be signed --- they represent the
[fill in blank with your favorite word: author, originator, whatever]
of the message. I suppose we can legitimately ask why From: MUST be
signed though. In terms of interoperability it is not required, but
in terms of being useful it seems like it is.
So if message has Resent-From field would SSP check be done against From
or Resent-From or both?
From. Always From, unless there is a valid signature where the signing
address matches the From address, in which case no SSP check is required.
-Jim
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html