Alessandro Vesely writes:
> On Mon 26/Jun/2023 19:32:53 +0200 Douglas Foster wrote:
> > DKIM+SPF says "our domain, including subdomains covered by this policy,
> > will never use an ESP". (Since most ESP messages pass SPF based on the ESP
> > domain)
That is incorrect. It would also mean we will
Chair speaking and agreeing. While I do not think it's out of scope
to think about how DKIM replay attacks affect DMARC, I think it is out
of scope to design DMARC to address DKIM replay attacks. These two
things are very close to each other, and we're going to have to be
careful about it. But
On Thu, Jun 29, 2023 at 4:18 AM Douglas Foster <
dougfoster.emailstanda...@gmail.com> wrote:
> But I don't have a solution for ESP messages that use DKIM to authorize
> the From, but use their own domain for SPF Pas on Mail From. That
> requires tying the signature to the server and/or Mail
But I don't have a solution for ESP messages that use DKIM to authorize the
From, but use their own domain for SPF Pas on Mail From. That requires
tying the signature to the server and/or Mail From domain using a signature
token
On Thu, Jun 29, 2023, 1:25 AM Murray S. Kucherawy
wrote:
> On