On Mon, 30 May 2011, Steve Atkins wrote:
The most obvious thing that MLMs do that invalidate signatures are 1.
append content to the body and 2. prepend content to the subject line. Any
approach that allows me to replay messages while making those changes
seems to open the door to abuse.
Look at the big picture though. It is true that once spammers adapt to
it, a weak signature that tolerates appended body text and a mutilated
subject will have an atrocious false negative rate.
But, right now we have a 100% false negative rate for purported senders
who use mailing lists, since such senders will not publish
dkim=discardable. A loose signature can only improve things.
Also, there's another way a weak signature could be helpful, even if it
was *so* weak that it forgives any message mutilation other than to the
To: and Cc: headers:
My mailserver is programmed to refuse blind carbon copies (with
exceptions for the mailing lists I subscribe to). If a forger attempted
to lurk on a mailing list and then replay the shortest message he sees
there with his spam appended, he still won't be able to reach me, since
the To: header will contain that list's submission address, and not my
address.
(If he used a list I subscribe to, he still loses. My exceptions are
keyed on the MAIL FROM:, and SPF guards that.)
---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html