John Levine:
> >There's a strong correlation between badly structured emails (SMTP,
> >MIME, HTML) and email that the recipient doesn't want to see.
>
> You're right, but I think that's largely orthogonal to DKIM. If a
> message has a good signature from a credible signer, I expect I'd want
> to show it to the user even if it had structure problems. I'd like to
> make the trust model as simple as possible, preferably
>
> good signature -> good message

I agree with John's earlier message that to make DKIM useful for
automated whitelisting, we end up with something slightly more
complicated:

valid signature + good signer + no suspicious unsigned content -> good message

My preference would be to enforce this within the existing protocol
(that is: send h=from:from:subject:subject...), but I could live with
hard-coded checks for unsigned single-instance RFC 5322 and MIME
headers (that is: no DKIM PASS for unsigned "extra" From, Subject,
MIME-Version, Content-type, etc. headers).

Wietse
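
The hard-coded check described in the message above, as an added example that is not part of the original post or of any DKIM implementation: it counts instances of the named single-instance headers that the h= tag does not cover and folds the result into the three-part rule. The function names, the header tuple and the sample message are assumptions made for illustration; signature verification and signer reputation are taken as inputs, and any uncovered instance (not only a duplicate) is treated as suspicious.

```python
from collections import Counter
from email import message_from_string

# Single-instance headers named in the post; extend per RFC 5322 as needed.
SINGLE_INSTANCE = ("from", "subject", "mime-version", "content-type")

def signed_counts(h_tag):
    """Count how often each header name is listed in a DKIM h= tag."""
    return Counter(n.strip().lower() for n in h_tag.split(":") if n.strip())

def unsigned_extras(raw_message, h_tag):
    """Return {header: uncovered_instances} for single-instance headers.

    DKIM consumes one header instance (bottom-up) per occurrence of its
    name in h=, so instances beyond that count are outside the signature.
    """
    msg = message_from_string(raw_message)
    present = Counter(k.lower() for k in msg.keys())
    signed = signed_counts(h_tag)
    return {h: present[h] - signed[h]
            for h in SINGLE_INSTANCE if present[h] > signed[h]}

def whitelist_ok(signature_valid, signer_trusted, raw_message, h_tag):
    """valid signature + good signer + no suspicious unsigned content."""
    return bool(signature_valid and signer_trusted
                and not unsigned_extras(raw_message, h_tag))

# Constructed sample: a From and a Subject prepended above the signed ones.
SAMPLE = (
    "From: Spoofed <ceo@example.net>\n"
    "Subject: replaced subject\n"
    "From: Real Sender <alice@example.com>\n"
    "Subject: original subject\n"
    "MIME-Version: 1.0\n"
    "Content-Type: text/plain\n"
    "\n"
    "body\n"
)
# Constructed sample: the same message without the prepended headers.
CLEAN = SAMPLE.split("\n", 2)[2]

if __name__ == "__main__":
    h = "from:subject:mime-version:content-type"
    print(unsigned_extras(SAMPLE, h))           # prepended headers reported
    print(whitelist_ok(True, True, CLEAN, h))   # nothing uncovered
```

When the signer sends h=from:from:subject:subject..., a prepended From or Subject changes the signed input and the signature itself fails, so this check matters for signatures that list each name once.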