On Thu, 27 Jul 2006 16:50:17 -0700 Jon Callas <jon(_at_)callas(_dot_)org> wrote:
On 27 Jul 2006, at 4:01 PM, Scott Kitterman wrote:
To clarify, by me, I meant my domain. The problem is that in this
type of
scenario, there is no way to externally distinguish between mail
actually
sent by the vanity domain owner and mail sent by another customer of
isp.example.com
I would phrase it as a "situation" or "issue" rather than a "problem."
However, it's not strictly true. Example.com is supposed to be
signing the "From" header field. (Section 5.4: "The From header field
MUST be signed....") If the From line from your domain is different
from the other customers, then it can be distinguished.
Yes and what is another customer of the ISP submits mail using my From. in
virtually all cases today there is nothing to prevent that.
This is really an internal ISP operational problem (they need to
sort out who
is allowed to use what identities on their servers), but the
protocol and
associated guidance need to make that clear.
How is it not clear now?
I'm not sure yet. At this point we're just talking about
requirements and if
this type of requirement is covered through policy or not.
I think it's covered in the *syntax*.
As long as the proper controls are in place at the ISP and the policy
protocol allows me to express which domain(s) are authorized to sign for my
domain.
Scott K
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html