Thiyaga:
Hi Wietse,
Thanks a lot for your comments!
This looks like a standard replay attack. Such technique can't be
used to send SPAM on behalf of domains that don't sign SPAM (e.g.,
porcupine.org). If a domain is willing to sign SPAM, then they
deserve that all their messages are handled with great prejudice.
Yes, I agree. It can't be used to send SPAM on behalf of domains that
don't sign SPAM.
But if it signs SPAM unknowingly (which may happen in large ISPs --
If a domain is willing to sign SPAM, then they deserve that all
their messages are handled with great prejudice.
DKIM provides domain-level signatures. It is not a replacement for
user-level authentication systems such as S/MIME or PGP.
Wietse
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html