>> The double signing hack limits the opportunity for trouble to mail >> systems that have a recent real message in hand. While I can >> certainly imagine spammy scenarios, it's hard to imagine ones that >> wouldn't be fairly easy to detect and shut down. ...
>True, the damage is limited to the lifetime of the last v2 signature the >author domain added. I'm being cautious above because I'm sure author >domains would prefer to be proactive about such threats rather than >reactive to them. These days the big mail systems' spam filtering is so fluid that the difference is pretty blurry. I gather that gmail has per-user filter rules and can update them after each message. It is my impression that the problem that persuaded Yahoo to do the DMARC thing was crooks mailing into Yahoo with fake Yahoo return addresses so their own users were complaining. Should crooks use double signing to do that, I'd think it'd be pretty easy to detect and to mitigate. If they're seeing a lot of spam button reports about a particular re-signer, stop putting conditional signatures on mail sent to them. It sure would be nice to get some feedback from large mail systems and hear whether our guesses about them are correct. R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc