Here's a short list of what I think DKIM tries to accomplish, with the threat being what happens when it's not accomplished. Please note that I use terms like "sender" in a general sense.

1. DKIM makes it easier to detect sender forgery. The three important kinds of forgery are:

   * Pretending to be someone with a good or neutral reputation to avoid recognition as someone with a bad reputation (spam)
   * Pretending to be someone with a good reputation to take advantage of that reputation (phish)
   * Pretending to be someone with a good reputation to send material intended to damage that reputation (joe job)

   There are other forgery scenarios possible, but these are the ones I see every day and the ones that seem important to deal with.

2. DKIM avoids depending on endpoints. That is not to say it can't be done at endpoints, but its design is tuned to work on mail servers. The reasons are that endpoints are hard to set up (because there are so many of them, and they're unmanaged) and usually insecure.

3. DKIM matches the ways that mail is sent and received. ISPs can do DKIM for their users, list management software can do DKIM on mailing lists, common kinds of forwarding work, etc.

R's,
John

_______________________________________________
ietf-dkim mailing list
[email protected]
http://mipassoc.org/mailman/listinfo/ietf-dkim
