Scott Kitterman wrote:
If it's allowed, then it's trivial to construct messages for which the
identity used in SSP is likely not the one displayed to the end user. Then
I'd really have to ask myself what we are trying to accomplish.
We've closed an avenue of attack. It's up to UI designers to close
other avenues.
Eliot
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html