It may well be unenforcable. If I send an email directly to [EMAIL PROTECTED] signed and with the SSP record of > "I sign all email, and do NOT permit email through any body or > signature altering gateways" I will open a session on port 25 at mx.cs.tcd.ie and hope that the receiving mta does not add its own sig to the message before depositing it to the inbox. Local rules might require the additional sig to ensure that the inbox only gets mail from the edge mta. Now if Stephen is using one of Doug's dkim aware MUA's that "see's" 2 signatures where only one should be might flag the message with a red warning "suspicious mail lies here" or inform Stephen that the message was deleted because the SSP didn't match. Thanks, Bill Oxley Messaging Engineer Cox Communications, Inc. Alpharetta GA 404-847-6397 [EMAIL PROTECTED]
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Stephen Farrell Sent: Monday, September 11, 2006 3:11 PM To: Thomas A. Fine Cc: [email protected] Subject: Re: [ietf-dkim] SSP and mailing lists Hi Thomas, This isn't really directed at you, but I've wondered each time someone has said something like: Thomas A. Fine wrote: > "I sign all email, and do NOT permit email through any body or > signature altering gateways" I've no idea how a sending domain could enforce the "do NOT permit" there. Neither in practice, nor in principle. Does anyone? (This may just be my own ignorance of course, I don't claim to be a mail expert.) If its unenforceable, then I don't see why anyone would bother making the statement. Stephen. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
