On 9/2/10 4:26 PM, J.D. Falk wrote:
Some of us have a pretty good idea. The people who design reputation systems
don't do so in a vacuum; they're constantly reacting to spammers' latest
tricks. If massive unauthorized replaying of unmodified DKIM-signed messages
ever becomes a real issue, they'll adjust accordingly.
Were DKIM domains to become a primary basis for message acceptance, then
replayed messages will become a real issue. The question is "Then what
strategy is needed next without expecting the world to change how
applications handle email." One answer might be TPA-Labels applied at
the transport level during message exchange. :^)
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html