Obfuscating the domain is quite suspicious because then, what entity is
taking responsibility for that email? What abuse help-desk can the
potential receiver recourse to?
The one whose DKIM signature is on the mail, of course. Sigh.
That would be the no-longer valid (assuming it ever was) and non-aligned
DKIM string? Why would you trust something that is not valid and can't *be*
validated? Also, if there are multiple such strings - which one?
No, it's the valid signature from the mailing list that signed the mail on
the way out. If there are multiple valid DKIM signatures, you can use any
or all of them, since that is the way DKIM works. Here, for example, is
the signature from your message to the dmarc list to which this is a response:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1;
t=1401910901;
bh=Ss7UP6fdlg/Nn7B/DiNdPNOOAEUDmP2bqWwILrhzH7s=;
h=MIME-Version:Date:Message-ID:From:To:Cc:Subject:List-Id:
List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe:
Content-Type:Sender;
b=MG+QM40OoHTFFfoMx4ONQNlBZ4J63pI0KWkBEeXuDB+t1owHvEYV7svNAo9F0uIwd6LQIIVb+6kfy10c4nzZYkt1uSEFZ8uRnqN8x/yOa+SMy4OrHY+zMERFuxQnwW3cTUB
LOpGzXqDnf5TZGgwPPhk4SES64N0dko/8gcZzlGo=
And here is the A-R header that showed it was valid:
Authentication-Results: iecc.com; spf=pass [email protected]
spf.helo=mail.ietf.org;
dkim=pass header.d=ietf.org header.b="MG+QM40O";
dkim=fail (bad signature) header.d=drkurt.com header.b="Kof3SYv1";
dmarc=fail.none header.from=drkurt.com policy=none
DKIM has been a standard for over seven years. Why are we still dealing
with these elementary questions about the way it works?
Regards,
John Levine, [email protected], Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
