On Wed, Oct 13, 2010 at 2:47 PM, Scott Kitterman <ietf-d...@kitterman.com> wrote: > On Wednesday, October 13, 2010 02:27:29 pm Jeff Macdonald wrote: >> And even if there was a DKIM signature, it is the BAD GUY'S signature, >> which should cause it to go into the SPAM folder, with a large >> phishing warning. > > No. That misses the point entirely. The problem here is that one can take a > DKIM signed message that is signed by any entity and add additional > From/Subjects and the message may still appear to be the one signed by the > original entity even though it's been modified post-signature.
Right. I had understood that and then forgot. If DKIM is just viewed as providing an identifier and nothing more, then this is a MUA problem. If DKIM is viewed as providing more than an identifier, then this is a DKIM problem. -- Jeff Macdonald Ayer, MA _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html