On Fri, 08 Apr 2011 19:55:09 +0100, Franck Martin
<fmartin(_at_)linkedin(_dot_)com>
wrote:
On 4/8/11 23:38 , "Charles Lindsey"
<chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk> wrote:
In practice, there are three usages which seem to be common; are there
others?
1. FROM = Alice@whatever i=sales.example.com d=example.com
2. FROM = Alice(_at_)example(_dot_)com i=sales(_at_)example(_dot_)com
d=example.com
3. From = Alice(_at_)example(_dot_)com i=bob(_at_)example(_dot_)com
d=example.com.
.....
So my inclination is to leave 'i=' there. ...
This is outside the current DKIM spec, but from your example, we could
define 3 level of reputations for the domain d=example.com (I'll exclude
case 1. As I don't know yet what to do with it)
Level 1) Alice
Level 2) sales or bob
Level 3) the whole domain example.com
It is then possible to decide if we should block (or whitelist) all
emails
from alice, or all emails coming from sales (or bob) stream, or all
emails
signed by d=example.com
I think you may have missed the point of my 'bob' example. It would have
been clearer if I had said:
3. From = Alice(_at_)example(_dot_)com i=mallet(_at_)example(_dot_)com
d=example.com.
Where mallet is some disgruntled example.com employee posing as Alice. A
human seeing that evidence (E.g. in an A-R header) might well conclude the
message was bogus. But it would be hard for an automaton to spot it.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html