On Mon 20/Mar/2023 07:04:11 +0100 Emanuel Schorsch wrote:
In my mind, there are two important things I would like to see achieved:
1) Distinguish indirect from direct flows (encode in some way which server /
mailingList the original DKIM message was intended to come from). This is
needed for domains that aren't easily identifiable as direct flows (SPF isn't
aligned by DKIM in the direct case).
Rather, one could try and rescue the ethical nature of direct flows by
understanding the forwarder. Consider, for example, a message where To: or Cc:
mention l...@example.net, and there is a signature which has d=example.net, and
finally SPF validates example.net too. The flow is indirect, but there's an
easy inference in this case.
If it is clear why a message was forwarder from the original header recipient
to the actual envelope recipient, then it has the same worthiness as if it were
direct.
2) Give more info to identify benign indirect flows (E.g. "forwarded on behalf
of"). This is helpful for recognizing a recipient's desired indirect flows.
In an attempt at classifying indirect flows in order to justify forwarding,I
drafted this:
https://datatracker.ietf.org/doc/draft-vesely-email-agreement/
The idea is that forwarding requires to set up something where the target email
address is explicit. If that is legitimate, it can as well be published.
Note that this isn't to say indirect mail would be deprecated.
Indeed, it'd be self-contradictory to discuss here a document which deprecates
mailing lists.
Best
Ale
--
_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim
