On Tue, 25 Aug 2020, Dotzero wrote:
I would expect there to be multiple potential approaches to identifying
acceptable intermediaries.
The harder part is to decide which intermediary gets to re-sign which
message at the time you apply the weak signature.
It would have be the domain in the "To" field. It wouldn't work with
random unknown intermediaries. It would address the MLM issue as long as
the MLM domain is the same as the "To" domain when the message was
originally sent. It could also presumably work for vanity domains if they
DKIM sign. It wouldn't work for forwards on the receiver side that the
sender is unaware of.
If the list is somel...@lists.foo.org, does the signature have to be
d=lists.foo.org? How about d=foo.org?
On the flip side, do you put a weak signature on all of your outgoing
mail, which seems like a bad idea, or just mail that you expect to go
through list modification? In the latter case, how do you tell? These
are the scaling problems that I fear make this unworkable.
Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
