On Mon, Nov 14, 2016 at 8:40 AM, Ned Freed wrote:
> > Actually same message to same destination may be
> > sent to different MTAs (e.g. different MXs with same weight).
> > 2.3 Canonization must be better defined. It's usual for MTA to e.g.
> > lowercase the domain of
On Mon, Nov 14, 2016 at 6:01 AM, Vladimir Dubrovin
wrote:
> 1. This standard is not backward compatible with existing DKIM
> implementations. It makes it useless. In addition, in it's current form it
> can not be implemented in most MTAs (see below)
> 2. This standard
On Mon, Nov 14, 2016 at 4:40 AM, Steven M Jones wrote:
> So per Section 5, this form of DKIM signature will fail to verify at a
> receiver who doesn't implement the new feature, period. And in fact any
> forwarding - whether it alters the RFC5322 message or not - would
> produce
> 1. This standard is not backward compatible with existing DKIM
> implementations. It makes it useless. In addition, in it's current form
> it can not be implemented in most MTAs (see below)
It wouldn't work at all in our MTA without modifications because our general
filter interface currently
On 11/12/2016 22:50, Murray S. Kucherawy wrote:
> I've posted a draft that attempts to address an attack that's begun to
> appear with DKIM. Interestingly, we called it out as a possible
> attack in RFC6376 and even RFC4871, but now it's apparently happening
> and being annoying enough that