On 12/7/22 9:16 AM, Barry Leiba wrote:
The purpose of a DKIM signature is, as our original statement put it, to
make sure that a message from your bank actually came from your bank,
even if it passed through your alumni association. Once it arrives at
your real mailbox, that signature is not needed.
As long as the signature is not removed in the alumni case I'm
somewhat less concerned, but...
In some systems, sieve scripts and other filtering is done *after* the
MUA drops the message in the delivery mailbox. If that drop removes
the signature, that hampers the sieve/filtering process severely. A
sieve "redirect" becomes impossible, and the filtering would not be
able to use the DKIM signature for other purposes either (though it
might be able to rely on the auth-results header field for some
things).
That's what concerns me.
In fact as I wrote in my birth of DKIM post, my original idea was that
Bayesian filters could latch on to public keys of good and bad senders.
That's not how the ultimate implementation panned out, but it is
ahistoric to say that this was only about mail delivery infrastructure
and not MUAs. Their participation was always part of the set of
possibilities of how DKIM could help. Taking those possibilities out is
a huge mistake since we really have little clue how DKIM is being used
in the wild.
Mike
_______________________________________________
Ietf-dkim mailing list
https://www.ietf.org/mailman/listinfo/ietf-dkim