Re: [Mailman-Users] cause of bounces

Wed, 18 Oct 2017 15:40:30 -0700 

On 10/18/2017 03:42 PM, Dimitri Maziuk wrote:
Because the very first $relayhost may apply transport encoding. You have to compute the hash before that happens. 

It's my understanding that DKIM is usually applied by the egress MSA / MTA.


I guess an MSA could apply DKIM itself.  It would need to publish it's 
public key / selector in DNS.  So that's probably a reason not to have 
every MUA apply DKIM itself.  It is probably much more economical to 
apply DKIM at the MSA / 1st MTA.



Ideally intermediary MTAs / receiving MTA would not need to apply 
content transfer encoding.



It's my understanding that MTAs prefer to avoid changing the message 
unless there is a requirement to do so.  I.e. downstream MTA won't 
accept the message as it currently is.



My "why can't you..." question was more why can't an MX do an operation 
that an MUA can do.  -  I was thinking you were saying that a receiving 
MTA couldn't validate before accepting a message.



That does not contradict what I said. Low specificity means low
probability of detection of "bad stuff". I.e. it doesn't mean much that
most of it passes.



Ohkay, so what exactly am I the end user is supposed to need it for?



I don't know that DKIM is really targeting end users.  I think DKIM is 
more targeting postmasters to configure on their MTAs.



I'm using a Thunderbird add-on that allows me to see / validate DKIM in 
my receiving MUA.  (My MSA applies DKIM for me.)



I, as a postmaster, want DKIM for a couple of reasons, 1) I want to be 
able to filter incoming messages based on DKIM (for better or worse) and 
2) outgoing DKIM signing for use in conjunction with DMARC.



You (/me waves hands around the room) may not care enough to bother with 
DKIM.  That's your prerogative.  Just like we are all free to run our 
mail servers that way that we want to.




--
Grant. . . .
unix || die


------------------------------------------------------
Mailman-Users mailing list Mailman-Users@python.org
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org

























					Reply via email to