On Wed, 17 Aug 2005, Dick St.Peters wrote:
DKIM is *not* prone to replay. Yes, you could send the exact same
message over and over in mailbomb fashion, but mailbombing is hardly a
replay vulnerability introduced by DKIM. At most, DKIM causes an
amplification small compared to that from AV-scanning.
This argument is convincing - IF you are doing AV-scanning. We don't,
and never will. It is too expensive, both CPU wise (as you correctly
point out) and because to have a decent pattern database you have to pay
a commercial anti-virus vendor. We take the much simpler route of
not allowing executable content in email. Period. If you absolutely
have to send it, send a link. Of course, detecting what the
incredibly buggy MS Winduhs systems might decide to execute
is not a trivial matter, but it is a lot faster than scanning
for virus patterns.
However, I like DKIM ok. It is optional - you don't *have* to check
the DKIM sig. Yet another reason to have multiple authentication systems
with different tradeoffs.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.