>The other idea I had borrows from a MIME extension: > >Authentication-Results*0: ... >DKIM-Domain*0: ... >DKIM-Selector*0: ... > >Authentication-Results*1: ... >DKIM-Domain*1: ... >DKIM-Selector*1: ... > >Not pretty, but it would work.
Yuck. >I'm a little worried about the "send one report per authentication >failure" because if I send a message with twenty bogus signatures >bearing your domain name, that's an amplification attack. I suppose, although if I want to mailbomb you indirectly, it's not noticably harder to send 20 messages each with one bogus signature. Until now, all of the major use of ARF was to send back mail to the actual sender, so you could never get more reports than you sent mail. This thing solicits reports of mail sent by other people so the risk of indirect mailbomb is in inherent in it. >> I see that the ABNF in section 4 of the draft doesn't update the >> feedback-report ABNF in section 3.5 of RFC 5965. It better do that >> or there's no place in an ARF report where the new lines can occur. > >It's covered by "ext-field" in Section 3.5 of RFC5965, isn't it? Not if they're supposed to go into the repeating groups. R's, John _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
