On 10/15/2010 06:51 AM, Charles Lindsey wrote:
> On Thu, 14 Oct 2010 18:23:21 +0100, Michael Thomas <m...@mtcc.com> wrote:
>
>> I would hope so because this would be a really stupid thing to do.
>> Without the next line of defense -- virus, malware, spam, phishing --
>> you'd be setting your users up for big problems. Just because it's
>> DKIM signed from a good source doesn't mean it's not still evil.
>
> Have you ever seen an evil message from Ebay?

s/Ebay/Yahoo!, etc, yes.

> And yet the current protocol will allow an evil mail _apparently_ from
> Ebay to appear, with no means for the recipient to detect the difference.

They're not apparently from them. They *are* from them. DKIM is not any
indication of whether the content is evil or not, per se. It just says
who to complain to if it is evil.

> And as regards using current malware detection software, can you please
> explain to us how that is supposed to catch an evil mail signed by a
> brand-new throwaway domain that has not yet had time to acquire any
> reputation, good or bad?

Irrelevant for the current discussion.

Mike

>>
>> That's why all of this hand wringing is silly.
>
> We are not hand wringing. We are pointing out a protocol that, when
> applied in the current (and likely future) Real World, fails to deliver
> what it was intended to deliver.
>
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html