On Tue, 12 Oct 2010 14:00:19 +0100, Dave CROCKER <dhc(_at_)dcrocker(_dot_)net>
wrote:
Oh boy. Very sorry folks.
The full text reads:
<t>Similarly, a message not compliant with RFC5322, RFC2045
and
RFC2047, can be subject to attempts by intermediaries to
correct
or interpret such content. See the Section 8 of
[SUBMISSION] for
examples of changes that are commonly made. Such
"corrections"
may break DKIM signatures or have other undesirable
effects.
Therefore, a DKIM agent SHOULD confirm that a message is
compliant with those specifications prior to processing.
But that wording is clearly aimed at MTAs which claim to "improve"
messages passed through them, which is not the problem raised by the scams
under discussion. Moreover, it needs to be clear that both signers and
verifiers need to take action on this, and in the case of verifiers it
needs to be a MUST.
OTOH, it is not necessary to require a full 100% 5322/2045 compliance
check. A header count of the headers mentioned in the "h=" tag should
suffice. I suggested a suitable wording over a week ago.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html