> On 9 Aug 2023, at 15:55, Murray S. Kucherawy <superu...@gmail.com> wrote:
>
> On Wed, Aug 9, 2023 at 2:54 AM Laura Atkins <la...@wordtothewise.com> wrote:
>> If there are multiple BCCs that implies that whatever is creating the mail
>> must make individual copies of the message with only the BCC recipient in
>> that line before it's signed with DKIM. So for a message with 3 BCCs, there
>> are 4 separate copies of the message to be created, one with no BCC header
>> and 3 for each of the BCC recipients. Then each message must be individually
>> signed.
>>
>> I'm not sure how that's going to work in practice.
>
> I have heard, but have not verified, that some MLMs do this
> one-recipient-per-copy thing already, despite RFC 5321 encouraging the
> opposite. If true, I don't know whether this was done to allow per-instance
> signing or because it allows for better tracking and association of bounces,
> or for some other reason. It occurs to me that unless the Date field changes
> for each instance, the DKIM signature would be the same for each instance
> anyway.
The one per copy is mostly VERP (https://en.wikipedia.org/wiki/Variable_envelope_return_path) related, but the signatures should be the same for every message. When we're signing a field that changes per message, that's a different situation.

> However, if it is already the case that MLMs generally produce a copy per
> recipient, then any Bcc scheme would work, and much of the fragility with the
> "include the recipient in the signature" approach vanishes.

I wasn't actually thinking about MLMs. I was more thinking about the "normal" case of one-to-few emails. BCC is widely recommended and used in situations where there's intimate partner abuse as a way to document interactions with the abusive partner. That was, honestly, the situation I was envisioning. What happens if the abusive partner discovers the BCC address because there's a problem with the code that's managing the signing?

It's probably much easier to cope with in terms of the MLM code base than the non-bulk code base. But that still brings up the challenges of what recommendations do we make for messages that don't have a BCC header field? Or can we just recommend that the MLMs and bulk sender software sign a blank BCC field?

laura (participating)

-- 
The Delivery Expert

Laura Atkins
Word to the Wise
la...@wordtothewise.com

Delivery hints and commentary: http://wordtothewise.com/blog
_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim
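As an added illustration of the per-copy signing question discussed in this thread (my own example, not code from the thread, from any MLM or from an MTA), the relaxed header canonicalization and h= header selection of RFC 6376, applied to a constructed message with three Bcc recipients. It shows that copies differing only in Bcc hash identically unless "bcc" is listed in h=, that listing it gives each copy its own signature, and that listing "bcc" when no Bcc field is present pins its absence. Addresses are constructed placeholders; the real signature also covers the body hash and the DKIM-Signature field itself, which are omitted here.

```python
import hashlib
import re


def relaxed_header(name: str, value: str) -> str:
    """RFC 6376 section 3.4.2 relaxed canonicalization of one header field."""
    name = name.lower()
    value = re.sub(r"\r?\n[ \t]+", " ", value)    # unfold continuation lines
    value = re.sub(r"[ \t]+", " ", value).strip()  # collapse and trim WSP
    return f"{name}:{value}\r\n"


def signed_header_hash(headers, h_list):
    """Hash the header fields selected by h=, in h= order.

    For each name the last not-yet-used occurrence is taken from the bottom
    (RFC 6376 section 5.4.2). A name with no remaining occurrence contributes
    nothing, which is how listing an absent field such as "bcc" in h= makes
    the signature fail if that field is later added.
    """
    remaining = list(headers)
    data = b""
    for name in h_list:
        for i in range(len(remaining) - 1, -1, -1):
            if remaining[i][0].lower() == name.lower():
                data += relaxed_header(*remaining.pop(i)).encode()
                break
    return hashlib.sha256(data).hexdigest()


# Constructed sample message; Date is identical across all copies.
BASE = [
    ("From", "Laura <laura@example.invalid>"),
    ("To", "partner@example.invalid"),
    ("Subject", "Re:\r\n  meeting"),
    ("Date", "Wed, 9 Aug 2023 10:00:00 -0700"),
]
H_NO_BCC = ["from", "to", "subject", "date"]
H_WITH_BCC = ["from", "to", "subject", "date", "bcc"]


def per_recipient_copies(bcc_addrs):
    """One copy with no Bcc field plus one copy per Bcc recipient."""
    return [list(BASE)] + [list(BASE) + [("Bcc", a)] for a in bcc_addrs]


def distinct_hashes(bcc_addrs, h_list):
    """Set of distinct header hashes across all per-recipient copies."""
    return {signed_header_hash(c, h_list) for c in per_recipient_copies(bcc_addrs)}
```

With "bcc" absent from h= all four copies share one hash, so one signature would serve them all; with "bcc" in h= every copy needs its own.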