>joebob.org SSP = isp.foo.com is my signing entity >isp.foo.com SSP = I sign 3rd party mail >http://foo.com/list_of_entities_I_sign_for
This strikes me as a situation where DKIM works fine on its own. DKIM doesn't require any prearrangements. You just sign the mail. You set your MTAs to sign the mail going out. It arrives other places, and they say aha, it's from Cox, they're OK so I'll treat it favorably, without having to worry about who's on the From line. (Or they might say, it's from Cox, they stink, but there's not much you can do about that.) Assuming that people believe that Cox's mail system is well run, your signature is all they need to link the mail with you. R's, John _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html