On Wed, 13 Oct 2010 19:27:29 +0100, Jeff Macdonald <macfisher...@gmail.com> wrote:
>> If we can extract DKIM from the equation entirely and the problem >> remains, how is it a DKIM problem? > > > I agree with this. > > And even if there was a DKIM signature, it is the BAD GUY'S signature, > which should cause it to go into the SPAM folder, with a large > phishing warning. No, the Bad Guy has used a throwaway domain which has not yet made its way into any blacklist the SPAM checker might have been using. > <rant> > Count me as one of those who was confused early on about what DKIM > provides. DKIM seems to make assurances to message integrity. But it > doesn't. I think the reason why many think it does is because of the > body hash. It is trying to do to much. It should just provide an > identifier that can be verified. Instead of using the body for > hashing, use the Message-ID header along with the Date header and just > hash that. That way most folks would understand DKIM is just providing > an Identifier. > </rant> I have much sympathy with this rant; I think the body could have been handled much better. But it ain't going to change, and Barry has now declared it OT. -- Charles H. Lindsey ---------At Home, doing my own thing------------------------ Tel: +44 161 436 6131 Web: http://www.cs.man.ac.uk/~chl Email: ...@clerew.man.ac.uk snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html