Re: [spf-discuss] SPF, DKIM, and NIH
2009-10-12 13:09:18
On Mon, 12 Oct 2009, Scott Kitterman wrote:
So I still need to accept the message body to determine if it passed?
Sometimes. Here's the matrix:
SPF EDSP Forwarder Action
---- ---- --------- ------
(any) (any) Yes Accept message
Pass (any) (any) Accept message
Neutral No (any) Accept message
Neutral Yes No Let pass RCPT, accept if signed
Neutral Yes Maybe Let pass RCPT, accept if signed
Fail (any) No Reject at RCPT
Fail No Maybe Accept message (grudgingly...)
Fail Yes Maybe Let pass RCPT, accept if signed
SPF none and softdeny are treated same as neutral. The forwarder column
refers to any other intelligence the recipient has as to whether the
message is from a legitimate forwarder.
EDSP refers to whether the MAIL FROM domain has posted an envelope-dkim
signing policy -- not the presence of a signature, which you don't know
yet.
For the 80 percent of mail that has the same mail from and from domain,
what would be the difference between this and a standard first party DKIM
signature?
No difference. In fact, since the required d= value for DKIM/ADSP and
Envelope DKIM in this case are identical, the deployment of Envelope DKIM
at a DKIM/ADSP would not change a byte of outgoing messages in this class.
The main advatange of Envelope DKIM is that it protects you from being
suckered into accepting a message on probation because of a DKIM/ADSP
policy on the MAIL FROM: address, only to find that the header From: is
something completely different.
For the remainder, what would be the difference between this and a standard
3rd party signature?
There's no such thing as a "standard 3rd party signature" at present.
Envelope DKIM might become the first.
---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [spf-discuss] SPF, DKIM, and NIH, (continued)
- Re: [spf-discuss] SPF, DKIM, and NIH, Michael Deutschmann
- Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman
- Re: [spf-discuss] SPF, DKIM, and NIH, Michael Deutschmann
- Re: [spf-discuss] SPF, DKIM, and NIH, Alessandro Vesely
- Re: [spf-discuss] SPF, DKIM, and NIH, Michael Deutschmann
- Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman
- Re: [spf-discuss] SPF, DKIM, and NIH, Michael Deutschmann
- Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman
- Re: [spf-discuss] SPF, DKIM, and NIH, Michael Deutschmann
- Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman
- Re: [spf-discuss] SPF, DKIM, and NIH,
Michael Deutschmann <=
- Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman
- Re: [spf-discuss] SPF, DKIM, and NIH, Michael Deutschmann
- Re: [spf-discuss] SPF, DKIM, and NIH, Hector Santos
- Re: [spf-discuss] SPF, DKIM, and NIH, Stuart D. Gathman
- Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg
- Re: [spf-discuss] SPF, DKIM, and NIH, Alessandro Vesely
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, Stuart D. Gathman
|
Previous by Date: |
Re: [spf-discuss] SPF, DKIM, and NIH, Stuart D. Gathman |
Next by Date: |
Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman |
Previous by Thread: |
Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman |
Next by Thread: |
Re: [spf-discuss] SPF, DKIM, and NIH, Scott Kitterman |
Indexes: |
[Date]
[Thread]
[Top]
[All Lists] |
|
|