It appears that Allen Robinson <[email protected]> said: >I generally don't see evaluation of the content as a problem DKIM2 needs to >solve. The modification algebra allows for attribution of content to a >signing domain. Local policy could always decide that certain classes of >changes aren't deemed acceptable, and having an identity to attach to the >content/changes could be useful for making those policy decisions.
I expect we'll have a variety of heuristics. There will be some high volume list hosts like groups.io and pobox style mail forwarders that you know are well behaved so you accept their changes. In the modification algebra, we'll have a set of familiar changes that are reliably benign, like adding the list name to the subject header. If we can work with people who write list managers, we can encourage them to do common modifications in consistent ways that are easy to recognize. (This wouldn't be any harder than the anti-DMARC stuff they've already added with far less ugly results.) Beyond that, I don't expect there to be a whole lot of detailed analysis of exactly how a message was changed. Each signer will develop a reputation, so you decide whether to accept their changes depending on what your users think of their mail. Rememeber that even if the changes are OK, the original message might not be. In my experience, it is extremely rare for a legit message coming *into* a list to fail DMARC alignment. The unaligned ones I see are almost all address book spam where the spammer happens to fake the address of a subscriber, and it makes sense to reject them. R's, John _______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
