I'm not finding the post, but there was an assertion that DKIM Replay requires the redistribution to be to /multiple/ recipients.

I do not see that as essential to the nature of the abuse.

One can imagine a spear-phishing scenario which uses it for a single recipient.  While no, I doubt that is done, and yes, discussion is always about many additional recipients, I do not see why its technical or semantic core requires it.

Rather, that core is simply re-use of the domain name reputation, by distributing the message further, while retaining the original DKIM signature.

d/

--
Dave Crocker

Brandenburg InternetWorking
bbiw.net
bluesky: @dcrocker.bsky.social
mast: @[email protected]

_______________________________________________
Ietf-dkim mailing list -- [email protected]
To unsubscribe send an email to [email protected]
