> When I pointed out that the "first from" rule enabled a trivial end > run around SSP, by using a real first address and a forged second > address that is likely to be visible in MUAs, I naively assumed that > it would be obvious to everyone that any rule other than checking all > the addresses would have the same hole, hence the fix is to check all > the From: addresses, and then move on to something else. >
I for one understood the assumption you made. Misunderstanding was not this issue in my mind. The issue is what to do about evil do'ers that would certainly take advantage of this "MUST" - It concerns me. > But no, we got endless nattering instead. This is not a subtle point, > and I share Steve Atkins' concern that a group of people who don't > understand the way that e-mail works can't design a working protocol. > What? Regards, Damon Sauer _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
