On 19/08/2024 08:45, Murray S. Kucherawy wrote:
Are you observing widespread use of "l="? I seem to recall it had almost completely fallen out of use.
At the beginning of this year it was widespread enough to be of concern. Some claim it was only one bulk mailer, our data shows it was/is more widespread than that.
We wrote a blog post about it, urging senders to disable it and receivers to start ignoring the tag (some now do).
Citing Wei Chuang (from Google) from an another thread:
As the blog post authors state, the new thing is that folks are using DKIM with body length "l=" tag. I too was surprised to see data supporting what the author wrote, that many many senders are signing DKIM with body length. While small in overall traffic volume, they are a diverse group with many Fortune 500 companies and others with significant infrastructure responsibilities that send messages with DKIM with body length. Over the last 7 days there are 71048 distinct domains that had at least one passing DKIM signature with body length. There is a long tail of senders with just a few messages of their overall traffic volume which masks their usage, but many also send the majority of their traffic signed with body length and thus much more easily found.
Best Regards, Taavi Eomäe
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
