Re: [Ietf-dkim] Misuse of antiforgery protocols

Of course, ARC replay will also need to be addressed. But that’s a job for the DMARC working group. -Jim On 30 Nov 2022, at 8:31, Barry Leiba wrote: No one wants it to be the permanent solution, and ARC is one alternative proposal. But “From munging”, while ugly and not without down-sides,

Re: [Ietf-dkim] Misuse of antiforgery protocols

No one wants it to be the permanent solution, and ARC is one alternative proposal. But “From munging”, while ugly and not without down-sides, is something that can be done unilaterally and works. ARC and related mechanisms require widespread adoption in order to be effective. Barry On Wed, Nov

Re: [Ietf-dkim] Remove the signature! (was: Re: DKIM reply mitigations: re-opening the DKIM working group)

> On Nov 20, 2022, at 6:01 PM, Murray S. Kucherawy wrote: > > > > On Sun, Nov 20, 2022, 11:08 Dave Crocker > wrote: >> Seriously. DKIM is intended as a transit-time mechanism. When delivery >> occurs, transit is done. So DKIM has done its job and can (safely?)

Re: [Ietf-dkim] Misuse of antiforgery protocols

That's a question I've always had on this topic. Is 5322.FROM an acceptable long-term workaround for DMARC enforced domains? The community in general seems to be split on 5322.FROM munging and it's use in practice. On 11/30/2022 12:41 AM, Barry Leiba wrote: Unless I’m misunderstanding