Folks,
I'm not sure whether this fits into SSP or not, since it does not seem to
require that a record be published. However...
It seems to me that if a message has a DKIM signature and the signing domain
matches the domain in the rfc2821.MailFrom command, then it is safe to
generate a bounce message to that address.
By 'safe' I mean that one can be confident that the mail will not go to an
unwitting victim of a spoofed address.
Am I missing something?
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html