Person A sends the message to Person B. A's server AS does not sign the
message. Person B decides to resend the message to Person C, and B's
server BS duly adds a Resent-From: header and does signing.
As far as BS is concerned, the Resent-From: header is the one that
*should* be signed, not the From: header.
Tony Hansen
[EMAIL PROTECTED]
Hector Santos wrote:
> ----- Original Message -----
> From: "william(at)elan.net" <[EMAIL PROTECTED]>
>
>> So if message has Resent-From field would SSP check be done against From
>> or Resent-From or both?
>
> The verification is already done before the Resent-From was added.
> i.e., Resent-* should not be in original mail.
>
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
