On 7/5/20 7:42 PM, John Levine wrote: > > It would not be hard for a bad guy to use the footer or add-part > transformation to lay a big spammy blob on top of some innocuous > original message. Rather than play cat and mouse and try to figure one > when a change is too big, recipients would use this the same way they > use ARC, and only check it on mail from senders who are generally well > behaved.
That was basically the argument against the l= parameter in DKIM signatures. We did end up keeping l= because it only has effect if the signer uses it and the verifier accepts its use, although it was widely expected that it would not be used much. I suspect that's what happened. -Jim _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
