On Wednesday 09 August 2006 14:34, Tony Hansen wrote: > -1 > > I want companies such as eCard senders or News Agencies to be able to 1) > send a message on my behalf while 2) marking themselves as the sender > and 3) being able to sign the message. This minimally requires support > for RFC2822.Sender as well as RFC2822.From. > > I *would* support changing it to > > 1. Mail with a RFC2822.From or RFC2822.Sender A is sent to B with a > missing or broken DKIM signature > > This has nothing to do with PRA and its support for Resent-From and/or > Resent-Sender. > Agree it has nothing to do with PRA, that's why I say don't use the word purported.
Since many popular MUAs do not display Sender, including Sender defeats nearly the entire purpose of the Bigbank example. I think what you would want then is the DKIM signing complete practice. I think we went around several times on From or From/Sender and there was (in my opinion, which I know counts for exactly nothing) a reasonable rough consensus that From was what we should focus on. Keep in mind that the Big Bank example is explicitly about phishing targets that are willing to accept breakage of some legitimate e-mail functionality. That doesn't sound like your case. Scott K _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
