Damon wrote: > ...So I > want to say- Trust my signature but expressly distrust my providers > signature if not also signed by me. Both messages, mine and the spammers > are genuine and unchanged, signed by my provider, but only my signed > messages are valid.
SSP is not about "trust". SSP does not provide instructions to recipients. SSP makes declarations about the practices by the sender. In the specific scenario you describe, the trustworthiness of your operator is something that will be assessed by the receive-side component that uses the validated signature(s). d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
