ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Re: from'less 2822 messages

2008-01-25 05:39:44
Frank Ellermann wrote:
Michael Thomas wrote:

Such as a bounce?
I thought that a bounce was a MAIL FROM: <> ?

Yes, of course this could be also another auto-reply.

I don't recall seeing a null 822 From:

That would be a clear syntax error, and I think one
technical reason why DKIM uses "From" is that it's
guaranteed to exist.  Like "Date", all other fields
are optional (or can be one or more of To/Cc/Bcc).

Missing or empty 2822-From is for SSP what missing
or domain literal HELO is for SPF, receivers can't
use it.  They are free to reject it as syntax error,
or to reject a "valid" From: user(_at_)[127(_dot_)0(_dot_)0(_dot_)1] as too
weird for their tastes.

I'm aware that this is not legal, but these sort of things
happen in the real world, and are the kind of things that
cause interoperability and/or deployment issues. Since SSP
is a security protocol, we can pretty much be guaranteed that
somebody will eventually start probing the edge cases, so
to the degree that we can provide guidance is to the better,
IMO.

In this particular case, the interoperability issue is that
some implementations might label this as "suspicious", others
not. I don't think we want that variability.

                Mike

                Mike
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html