On Wednesday, October 13, 2010 02:27:29 pm Jeff Macdonald wrote: > And even if there was a DKIM signature, it is the BAD GUY'S signature, > which should cause it to go into the SPAM folder, with a large > phishing warning.
No. That misses the point entirely. The problem here is that one can take a DKIM signed message that is signed by any entity and add additional From/Subjects and the message may still appear to be the one signed by the original entity even though it's been modified post-signature. Scott K _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html