On Wed, 28 May 2008 20:44:17 +0100, Dave Crocker <dhc(_at_)dcrocker(_dot_)net>
wrote:
We *want* different reputations for transactions.paypal.com and
newsletter.paypal.com and corporate.paypal.com. Remember that these
names
that are used to sign with DKIM are voluntarily chosen by the signer.
In that case, paypal.com can easily publish a strong ADSP record for
transactions.paypal.com and weaker ADSP records for newsletter.paypal.com
and corporate.paypal.com. The important thing is to ensure that
non-existent(_at_)paypal(_dot_)com is treated as strong rather than as weak. If
we
don't protect that domain, then every phisher on the planet will promptly
use it.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html