It appears that Alessandro Vesely <[email protected]> said: >On Wed 16/Apr/2025 21:04:27 +0200 Richard Clayton wrote: >> In message <[email protected]>, Larry M. Smith >> <[email protected]> writes >> >>>Experience has shown that threat actors are willing to go to great >>>lengths to have access to a large pool of resources to abuse and then >>>rapidly discard.[1] Knowing what object to apply poor reputation to for >>>the last event often doesn't help for future ones. >> >> Indeed so, but reputation systems (because once again to state the >> obvious, protocols cannot prevent bad email, but they can provide tools >> for handling it efficiently) may take the view that a brand-new identity >> that has acted as an intermediary to alter some email is not especially >> trustworthy... > >This position leads to ARC-style authentication, where one must trust that the >changes are benign. > >DKIM2 has change tracking. Can't we tell whether a change is evil or not?
Um, I think RFC 3514 applies here. R's, John _______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
