Stephen Farrell wrote:
I assume his concern was with unsigned (or maybe even DKIM-signed?)
mail from a bad actor, purporting to be from his little domain.
If the verifier looked up the little domain's SSP and found that e.g.
all mail from little domain is supposed to be signed by the ISP
What proposed SSP flags, configuration and usage will enable a receiver to know
that a particular (rfc2822.From?) domain's messages must be signed by a
particular ISP?
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html