Scott Kitterman writes: > Keeping in mind that one of the advantages of this approach is not > needing to keep a real time list of mediator addresses users in > your domain might send to, to make this work at scale, I think the > fs= signature has to be put on all messages.
I don't think so. I think that a conservative approach of keeping the list in the user profile and doing weak signatures in the MUA will work for a large proportion of users (Yahoo!, AOL, GMail, Hotmail, up-to-date SquirrelMail etc installations), plus the hard core of Emacs users (Gnus will have a zero-day implementation, no doubt) and mutt users (I know, it's not like Emacs and mutt are a significant proportion anymore, it's the principle of the thing). Anybody who's thinking about putting fs= on all users on all outgoing mail will probably think twice and just not do it. Or I kinda hope so. > The damage is that all it takes is one message from your domain > sent to a 'bad' domain and then that domain can generate arbitrary > messages that will pass the test. OK, I hadn't envisioned the "let's see just how badly we can implement this protocol" scenario, but yes, it's a real issue. Note that Murray's other proposal (MIME-part-by-part signatures) supports a heuristic to get around this (if you can't find any original parts, it's spam). I guess you can come pretty close to arbitrary, though. Steve _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
