On 4/16/2025 2:33 PM, Larry M. Smith wrote:
> Hypothetically, if I were evil[1], I would sign up for a target
> domain's newsletter and mutate messages with this DKIM2, and resend
> them. While forensic investigation would reveal the subterfuge, what
> gets displayed via the user's MUA is verifiable via DKIM2 and
> presumably trusted. I expect overuse of m=nomodify and this could
> make the motivation for DKIM2 somewhat moot.

Discussions about DKIM Replay have tended to get muddled by the
introduction of many abuse scenarios that are problematic, but are not
what was originally introduced as DKIM Replay. It's not that those
other scenarios are not of concern, but that they do not have the
features of re-using an existing, valid DKIM signature, and unmodified
message content, for distribution to new recipients.

I believe there is something approximating rough consensus that simply
including the original recipient address in the DKIM signature, and
validating it by the receiver, should be enough to suppress DKIM Replay.
Discussion of other abuse scenarios, such as what you describe, have not
so far been amenable to an equivalent mechanism that is expected to be
as effective.

We need to be careful not to try to boil the email abuse ocean...

> Security gateways and ARC

I have not seen use of the term 'security gateway', for email, until the
recent drafts, which did not define it.

My assumption is that it is meant to refer to the receive-side filtering
gateway, but that is just a guess.

I am finicky about the names we choose for things, because the choices
greatly affect intuition and scope of utility. Since the word
'security' is extremely generic, has no specific technical meaning, but
invites a wide range of misleading intuitions, it is especially
problematic as a labeling choice.

(my comment is not directed at you, Larry, but to the group discussion.)

> Bounce pathing
> Current architecture of an overall mail system may result in a
> forwarder not being directly accessible for the general Internet. I.e.
> there might not be a path to port 25, or any other port, to anyone
> outside of the local site. This might create issues.

good point.

d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
bluesky: @dcrocker.bsky.social
mast: @[email protected]
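
The recipient-binding idea discussed in the message above, as an added example that is not part of the original message and is not DKIM2's wire format. It is a simplified model: an HMAC with a constructed key stands in for the signer's public-key signature, and the addresses, key and function names are assumptions.

```python
import hashlib
import hmac

# Constructed demo key. HMAC stands in for the signer's public-key signature
# so the example runs with the standard library only.
SIGNING_KEY = b"constructed-demo-key"


def _digest(headers, body, rcpt=None):
    """Hash the signed header fields, the body and, optionally, the envelope recipient."""
    h = hashlib.sha256()
    for name in sorted(headers):
        h.update(f"{name.lower()}:{headers[name].strip()}\r\n".encode())
    h.update(hashlib.sha256(body.encode()).digest())
    if rcpt is not None:
        h.update(b"rcpt:" + rcpt.encode())
    return h.digest()


def sign(headers, body, rcpt=None):
    """Signer side: rcpt=None models a content-only signature."""
    return hmac.new(SIGNING_KEY, _digest(headers, body, rcpt), hashlib.sha256).hexdigest()


def verify(headers, body, sig, rcpt=None):
    """Receiver side: pass its own envelope recipient to check the binding."""
    return hmac.compare_digest(sign(headers, body, rcpt), sig)


# Constructed sample message and addresses.
HEADERS = {"From": "news@sender.example", "Subject": "April newsletter"}
BODY = "Hello subscribers.\r\n"
ORIGINAL_RCPT = "subscriber@a.example"
REPLAY_RCPT = "victim@b.example"


def demo():
    content_only = sign(HEADERS, BODY)
    bound = sign(HEADERS, BODY, ORIGINAL_RCPT)
    return {
        # Content-only signature: an unmodified copy verifies wherever it is re-sent.
        "content_only_replayed": verify(HEADERS, BODY, content_only),
        # Recipient-bound signature: verifies for the original recipient only.
        "bound_original": verify(HEADERS, BODY, bound, ORIGINAL_RCPT),
        "bound_replayed": verify(HEADERS, BODY, bound, REPLAY_RCPT),
    }


if __name__ == "__main__":
    print(demo())
```

The binding only addresses re-use of an unmodified, validly signed message for new recipients; it says nothing about the other abuse scenarios raised in the thread.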