Paul Hoffman wrote:
At 11:54 AM +0000 1/28/08, Charles Lindsey wrote:
I think all you need, as Frank has pointed out, is a security
consideration to the effect that
"Verifiers should be aware that Bad Guys may attempt to subvert the
intentions of SSP by submitting messages that are non-compliant with RFC
2822 (for example by using empty From headers, mutiple From headers, Etc
{i.e. list a few examples, but not too may }).
That seems like a good resolution to this long thread.
+1, non-compliant messages are immediately rejected. It has nothing to
do with SSP or DKIM or anything else.
The first rule of thumb is protocol compliance. DKIM can not be based
on allowing subjective *external* reputation concepts to trump or allow
faulty messages to pass *any* standard compliance test.
--
Sincerely
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html