Hector Santos wrote:
The issue is Alice with an "I sign everything" SSP. Bob resends her
mail, he has no clue what SSP and DKIM are, his MUA also doesn't know
it, and maybe his ISP removed Alice's signature at the MDA (proposed
by Doug as naive anti-replay strategy some months ago).
Would the next hop check Alice's SSP (ignoring Bob's Resend-* header
fields) and reject Bob's mail, if Alice's signature didn't survive
the resending ? Or if her signature is too old.
Do MUAa resend, forward messages with original headers included? Are
we talking about an MUA or a MTA (router)?
We're talking about the Resend-* header fields as specified in STD 11,
RFC 2822, and RFC 4406 7.3. I can't believe that I quote Sender-ID :-(
Am I missing something here?
No idea, same situation as 30 months ago: I never got a Resend-* mail,
I never sent one, and as far as I'm concerned this mechanism should be
deprecated in favour of a proper MIME message/rfc822 (or a similar EAI
message/utf8smtp, if that's how EAI eventually solves its MIME issue).
Even clarifying 4409 8.1 (it doesn't discuss Resend-Sender) is a royal
PITA, one SHOULD too much, and it's back at PS instead of going forward
from DS to STD. IMO we need 4409 at STD more urgent than Resend-cruft.
Who on earth needs more or less than one address in a Resend-From,
justifying to use a Resend-Sender ?
Frank
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html