Charles Lindsey wrote:
> On Mon, 10 Dec 2007 14:57:14 -0000, Eliot Lear <[EMAIL PROTECTED]> wrote:
>
>> Dave,
>>>
>>> The underlying problem is with coupling the From field to the
>>> DKIM signature. At most, the Sender value should be used.
>>
>>
>> It would indeed be nice to use the Sender field, but I would be
>> concerned about the Sender field not at least matching one of the
>> domains of one of the RFC2822.From lines, lest someone attempt to bypass
>> the tests by inserting a Sender. But then we need an extra rule in the
>> state machine. Perhaps it is better to explicitly deprecate multiple
>> From lines? As UIs have developed they really don't index well against
>> multiple From lines anyway.
>
> I think if the Sender matches one of the From addresses, and is itself
> signed, that should be regarded as a valid originator signature, even
> though it doesn't match the first.

On the other hand, one could argue that this could be used as a form of attack - that I, Mr. Spammer, insert a From line, a Sender line AND a signature, with my main objective being to get mail in as some OTHER From (like a bank or Ebay), knowing that a particular UI is only going to represent (first|last) From.

Remember, a lot of this boils down to how this stuff gets represented to the end user. And I would argue that an abundance of caution is needed, where we err on the side of protecting the recipient.

In the end I stick with my preferred way forward: deprecate multiple From lines.

Eliot
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
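
Added example, not part of the thread and not code from the DKIM working group: a receiver-side check that contrasts the two positions above, the lenient rule (a signed Sender that matches any From address counts as an originator signature) and the strict rule (refuse multiple From). Assumptions: the name `originator_verdict`, the `strict` flag, the constructed `.example` messages, exact domain comparison, treating both repeated From fields and multiple mailboxes in one field as "multiple From", and that the DKIM signature for `signing_domain` has already been verified elsewhere.

```python
from email import message_from_string
from email.utils import getaddresses

def _addrs(values):
    """Lower-cased addresses found in a list of header field values."""
    return [a.lower() for _, a in getaddresses(values) if "@" in a]

def originator_verdict(raw, signing_domain, strict=True):
    """Classify a message whose signature (d=signing_domain) already verified.
    Returns 'reject', 'originator' or 'third-party'."""
    msg = message_from_string(raw)
    from_fields = msg.get_all("From", [])
    from_addrs = _addrs(from_fields)
    sender = _addrs(msg.get_all("Sender", []))
    d = signing_domain.lower()

    if not from_addrs:
        return "reject"
    # Strict rule: exactly one From field carrying exactly one address,
    # so whatever the UI displays is the address that was evaluated.
    if strict and (len(from_fields) != 1 or len(from_addrs) != 1):
        return "reject"
    if from_addrs[0].rsplit("@", 1)[1] == d:
        return "originator"
    # Lenient rule: a signed Sender that equals one of the From addresses.
    if len(sender) == 1 and sender[0] in from_addrs \
            and sender[0].rsplit("@", 1)[1] == d:
        return "originator"
    return "third-party"

# Constructed samples (not real traffic).
TWO_FROM = ("From: Accounts <accounts@bank.example>\n"
            "From: news@bulk.example\n"
            "Sender: news@bulk.example\n"
            "Subject: constructed sample\n\nbody\n")
SENDER_ONLY = ("From: accounts@bank.example\n"
               "Sender: news@bulk.example\n"
               "Subject: constructed sample\n\nbody\n")
SINGLE = "From: alice@corp.example\nSubject: constructed sample\n\nbody\n"

if __name__ == "__main__":
    for name, raw, d in [("two From", TWO_FROM, "bulk.example"),
                         ("Sender only", SENDER_ONLY, "bulk.example"),
                         ("single From", SINGLE, "corp.example")]:
        print(name, originator_verdict(raw, d, strict=False),
              originator_verdict(raw, d, strict=True))
```

Under the lenient rule the two-From sample is accepted as originator-signed by `bulk.example` even though a client that shows only the first From displays `bank.example`; the strict rule rejects it before any domain comparison.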
