3.1. ADSP Applicability
4.3. ADSP Lookup Procedure
Verify Domain Scope:
This draft imposes a requirement that a domain within a From email-
address is to be found within DNS. This requirement is intended to
provide a domain control over the ADSP default assertions made below
their name hierarchy. However, excluding domains without known TLDs
could be inappropriate as well. What is also excluded from this draft
is a definition for specific protocols where the domains are expected
to be supported.
NNTP might use a TLD of .invalid to ensure an address is not mistaken
for a valid email-address. Micros~1 Exchange permits use of X.400
email-addresses aliased to a domain name assigned via their registry
without existing within DNS. In addition, there is nothing within
this draft to suggest that the ADSP assertions are limited to messages
publicly exchanged over SMTP port 25. This draft should warn ADSP
DKIM signature expectations may affect other protocols converted and
then bridged into SMTP, or those received over other protocols by MUAs.
In addition, the suggestion to use wildcard domains to publish ADSP
TXT records necessitates exclusion of domains without valid host name
syntax. This draft tangentially refers to RFC2821, but only with
respect to case-insensitivity. Do not expect wildcard domains will
defend against chosen-name.*.example.com, or
chosen-name._domainkey.example.com, for example. These exploits can be
prevented by ensuring valid host name syntax.
Add:
ADSP defines a record that can advertise the extent to which a domain
signs outgoing mail that is publicly exchanged on SMTP port 25, as
described in [RFC2821]. Also, how other hosts can access those records.
Advertisements, defined by this document, may also increase DKIM
signature expectations for messages received by Mail User Agents
(MUAs) or for messages which might have been exchanged over protocols
other than SMTP. In some circumstances, author domains may wish to
have accommodations for protocol failures or for mixed public protocol
messaging not to be made.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
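
The host name syntax check the message argues for, as an added example that is not part of the original post or of the draft: a verifier rejects a From domain containing non-host-name labels before it builds any ADSP query. The function names and sample addresses are constructed for illustration; the `_adsp._domainkey.` query prefix is the one ADSP uses as published in RFC 5617.

```python
import re

# One host name label (RFC 952 / RFC 1123 "LDH" rule): letters, digits and
# hyphen only, 1 to 63 characters, no leading or trailing hyphen.
_LDH_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def is_valid_hostname(domain: str) -> bool:
    """True if every label of `domain` satisfies host name syntax."""
    name = domain[:-1] if domain.endswith(".") else domain
    if not name or len(name) > 253:
        return False
    # fullmatch rejects '*', '_domainkey', empty labels and trailing newlines.
    return all(_LDH_LABEL.fullmatch(label) for label in name.split("."))


def adsp_query_name(from_address: str):
    """Return the ADSP TXT query name for a From address, or None when the
    domain fails host name syntax and no lookup should be attempted."""
    local, sep, domain = from_address.rpartition("@")
    if not sep or not local or not is_valid_hostname(domain):
        return None
    return "_adsp._domainkey." + domain.lower().rstrip(".")


if __name__ == "__main__":
    # Constructed sample From addresses, including the two names from the post.
    samples = [
        "author@Example.COM",
        "author@chosen-name.*.example.com",
        "author@chosen-name._domainkey.example.com",
        "poster@news.invalid",  # syntactically valid; scope is a separate check
    ]
    for addr in samples:
        print(f"{addr!r:50} -> {adsp_query_name(addr)}")
```

A syntactically valid name under a TLD such as .invalid still passes this check, so the domain-scope question raised in the message has to be handled separately.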