> > Hey, wait a minute -- isn't that what lists already do? > > The discussion was whether the DKIM signature itself can serve as a > basis for acceptance. In other words, can a DKIM signature safely > accrue a reputation?
If the answer isn't yes, I think we're wasting our time. > A best practice where all DKIM recipients immediately overlay incoming > signature with a signature assigned the role of MDA by the MDA that > would not be accepted by any other MDA would ensure messages available > for replay could be contained. Even assuming that one thinks replay is a problem that DKIM needs to address, which I don't, it's hard to imagine a rule like this being implemented widely enough to be a problem for bad guys. R's, John _______________________________________________ ietf-dkim mailing list http://dkim.org
