> 4. How does the sending MTA know when to stamp this v=2 DKIM header?
> Presumably, it would need to have a list of known forwarders stored somewhere?
yeah, CDKIM suffers from the same spoofing issue DKIM-D does.
1. aka, if u don't create a whitelist for ur sending MTA to know when to use
CDK
Terry Zink writes:
> 4. How does the sending MTA know when to stamp this v=2 DKIM
>header? Presumably, it would need to have a list of known
>forwarders stored somewhere?
Maybe John's answer in his parallel post is what you're looking for,
but my interpretation is that this is a matter
Thanks for this, it makes sense. Some questions (may or may not have been
discussed already or in your Internet draft):
1. The DKIM-Signature v=2 is only in the headers in the email, correct? Or,
would a DKIM DNS record also have v=dkim2; ?
No need to change the keys, since the hashing and s
known forwarders stored somewhere?
-- Terry
-Original Message-
From: John Levine [mailto:jo...@taugh.com]
Sent: Thursday, June 19, 2014 5:38 PM
To: dmarc@ietf.org
Cc: Terry Zink
Subject: Re: [dmarc-ietf] signature sample, was So if you don't want
Here's an example. The top si
Here's an example. The top signature is from the list, the second and
third signatures were applied by the sender. The second is the normal
signature and the third a weak conditional signature. The third has
cs=fs which means it's only valid with an additional (forwarder)
signature, and fs=t mean
