Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joi

On 27/Sep/10 17:07, John R. Levine wrote:
> > > Good point.  So it's two things, lists should sign outgoing mail, and
> > > discard any incoming mail with dkim=discardable.
> > No, they should reject the email at SMTP time. The email is NOT
> > discardable when it arrives at the MLM. Rejection at SMTP time does
> > no harm, and gives the sender an opportunity to fix the problem.
+1 for the idea, but...

> OK, so during the SMTP session, more particularly during the interval
> between receiving the dot at the end of data and returning a status
> code, my SMTP daemon needs to:
>
> * identify recipient addresses that are mailing lists
... that's not quite feasible, since your MLM doesn't have to tell 
your MTA what of a particular kind of user it is.  So let's say at 
SMTP time the MTA accepts the message, possibly flagging it with 
dkim-adsp=pass in the A-R field.

Now the MLM does its editing job.  It knows the original message was 
signed, so it makes sense to verify if the signature is still good 
after any changes have been applied.  In case verification fails, it 
shouldn't try to distribute an adsp-breaking message, so it can either 
send back a bounce or drop it.

Going for the bounce is not a bad design decision, because after all 
these are signed messages from verified subscribers.
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html