On Tue, Nov 15, 2016 at 11:56:11AM -0600, Scott Kitterman wrote:
> Not at all. As I understand the scenario, the provider knows it's
> bad, doesn't send the mail on to the outside world, but still gives a
> signed copy back to the originator (which is then available for
> replay).

My understanding is an attack where the email is sent to an outside address owned by the sender, who then gets a copy of the email, signed by the provider who didn't think the email was bad.

Signing an email that you know is bad does indeed sound like a bad idea.

Martijn.

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html