On Tue, Feb 14, 2023 at 11:18 AM Michael Thomas <m...@mtcc.com> wrote:
> Have you considered something like rate limiting on the receiver side for > things with duplicate msg-id's? Aka, a tar pit, iirc? > As I recall that technique is sometimes not suggested because (a) we can't come up with good advice about how long you need to cache message IDs to watch for duplicates, and (b) the longer that cache needs to live, the larger of a resource burden the technique imposes, and small operators might not be able to do it well. > And to be clear, what do you mean by "oversigning"? Is it something > different than just signing the Subject, etc, header in the first place? > This was a term invented to refer to the technique described in Section 8.15 of RFC 6376. -MSK
_______________________________________________ Ietf-dkim mailing list Ietf-dkim@ietf.org https://www.ietf.org/mailman/listinfo/ietf-dkim