ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] NEW ISSUE: Security Threat: Unexpected ThirdPartySenders

2008-02-14 11:08:47
Siegel, Ellen wrote:

-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-
bounces(_at_)mipassoc(_dot_)org] On Behalf Of J D Falk

Explicitly out of scope. Because not all 3rd party signatures on email
are "random", and there are a number of valid use cases that include
them.

hmmmmm, this sounds like an explicit in scope statement.

So essentially, if I read you correctly, you want MTAs to completely ignore messages with 3rd party signatures as if the message was never signed?

At what point or stage during the transport and/or delivery process do they become "in play" and for whom?

According to Falk, if I read him right, he indicated a domain can use DKIM=DISCARDABLE to protect against unwanted 3rd party signatures.

Do you agree?


--
Sincerely

Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html