7. Resolution in the Face of Multiple From field Addresses
When there are multiple address in a message's rfc2822.From field, the SSP
specification arbitrarily declares that the first address shall be used for
SSP enforcement. Although multiple From addresses is rare, its use is valid
and, in particular, occurs when the content's authors want to communicate
something significant about the authorship. In light of that, arbitrarily
coercing which of the authors is allowed to submit the message is quite
troubling, especially since it is usually a subordinate author who does the
scut work of document maintenance and public posting.
Unfortunately, this is a problem for which there is no obvious solution. Since
SSP should not get into the business of changing who is permitted to post
valid mail, the issue does very much need better resolution.
To the extent that the above is not sufficiently clear:
SSP's arbitrary assertion that only the first author (as specified in
the rfc2822.From field) can sign the message essentially limits posting to ony
that author. This breaks a flexibility in email service that is not even
appropriate to the limited scenario of having multiple authors.
The underlying problem is with coupling the From field to the DKIM
signature. At most, the Sender value should be used.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html