Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review

Hi Rolf,

-----Original Message-----
From: Rolf E. Sonneveld 
[mailto:R(_dot_)E(_dot_)Sonneveld(_at_)sonnection(_dot_)nl]
Sent: Thursday, September 02, 2010 11:24 AM
To: Murray S. Kucherawy
Cc: IETF DKIM WG
Subject: Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review

Someone sends a spam-type message from a large ESP to a mailbox he
owns,
somewhere on the Internet. The message is DKIM signed by the ESP. The
spammer then takes the entire message including complete headers, and
replays it using different envelope To: addresses and (optionally)
different envelope From addresses. A verifier find the signature to be
valid and at the end of the day this type of replay will impact the
reputation of the ESP.


All true, but this isn't anything new.  I remember this came up ages ago, 
before even RFC4871 was published.

If the concern is reputation impact, there's a different venue where that 
should be discussed.  Reputation is specifically out of scope here.

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [ietf-dkim] (OT) Forwarding, was draft-ietf-dkim-mailinglists-02 review, Alessandro Vesely

Next by Date:

Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review, Murray S. Kucherawy

Previous by Thread:

Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review, Rolf E. Sonneveld

Next by Thread:

Re: [ietf-dkim] draft-ietf-dkim-mailinglists-02 review, Douglas Otis

Indexes:

[Date] [Thread] [Top] [All Lists]