On 11/22/20 10:41 AM, Kurt Andersen (b) wrote:
As usual, John has pretty well nailed the response, but there was one
other part of your question (Mike) that I thought deserved explanation:
On Sat, Nov 21, 2020 at 7:14 PM John Levine <jo...@taugh.com> wrote:
In article <dcc265f9-a143-5093-eba0-94ee059c7...@mtcc.com> you write:
>If I'm a receiver who is going to be making some filtering decisions
>based on ARC, I see that it passed by some authenticator along the way
>which is fine, but my question is why I should trust that intermediary
>in general?
The short answer is that you shouldn't, any more than you should trust
random DKIM signatures.
This also means that ARC isn't useful if you don't have a reputation
system to tell you where the lists and other forwarders that might add
legit ARC signatures are.
On Sat, Nov 21, 2020 at 2:33 PM Michael Thomas <m...@mtcc.com> wrote:
Or did I miss where ARC resigns the body? Or is there a tie in for ARC
with the mailing list's resigned DKIM signature for the new message?
The ARC-Message-Signature (referred to as the AMS) includes a
signature over the newly modified message (headers & body) in a way
very similar to a DKIM-Signature. But this does not solve the problem
of a malicious forwarder that does a wholesale replacement of the
(presumably) good content with spam. That's where your own reputation
and content analysis has to come in.
Is there a reason that there is a separate ARC-signature rather than
just using the DKIM signature that is normally created for the new
message? Since ARC is new, you'd not want the intermediary to stop DKIM
signing the message so you end up with essentially two signatures doing
essentially the same thing?
Mike
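
Added example, not part of the thread or any poster's code: a receiver-side policy sketch of the point made above that an ARC chain only matters when the sealers are forwarders you already have reputation for. The sample message, the domain names, the `trusted_sealers` set and the rule that every sealer must be in it are constructed assumptions; cryptographic validation of the AMS and seals is assumed to be done by a separate verifier and passed in as `chain_valid`.

```python
import re
from email import message_from_string

# Constructed sample: a message that passed through two ARC-sealing hops.
# Signature values are placeholders, not real signatures.
SAMPLE = """\
ARC-Seal: i=2; a=rsa-sha256; cv=pass; d=lists.example.org; s=arc; b=constructed
ARC-Message-Signature: i=2; a=rsa-sha256; d=lists.example.org; s=arc;
 h=from:subject:date; bh=constructed; b=constructed
ARC-Authentication-Results: i=2; lists.example.org; arc=pass; dmarc=pass
ARC-Seal: i=1; a=rsa-sha256; cv=none; d=forwarder.example.net; s=arc; b=constructed
ARC-Authentication-Results: i=1; forwarder.example.net; dkim=pass; dmarc=pass
From: alice@example.com
Subject: [list] hello

body
"""

def parse_tags(value):
    """Split a DKIM-style tag list ("k=v; k=v") into a dict."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            tags[k.strip()] = re.sub(r"\s+", "", v)
    return tags

def sealers(raw):
    """Return [(instance, domain, cv)] from ARC-Seal headers, ordered by i=."""
    msg = message_from_string(raw)
    seals = [parse_tags(v) for v in msg.get_all("ARC-Seal", [])]
    return sorted((int(t["i"]), t["d"].lower(), t["cv"]) for t in seals)

def arc_decision(raw, chain_valid, trusted_sealers):
    """Decide whether ARC results may inform filtering (local policy sketch)."""
    chain = sealers(raw)
    if not chain or not chain_valid:
        return "ignore-arc"
    # Structural checks: instances 1..N, cv=none on the first seal, cv=pass after.
    for pos, (i, _, cv) in enumerate(chain, start=1):
        if i != pos or cv != ("none" if pos == 1 else "pass"):
            return "ignore-arc"
    # Assumed policy: a valid chain from an unknown sealer carries no weight.
    untrusted = [d for _, d, _ in chain if d not in trusted_sealers]
    return "ignore-arc" if untrusted else "consider-arc"
```

Even a "consider-arc" result only says the chain came from known forwarders; content analysis of the message itself still applies.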