Murray S. Kucherawy wrote:
> On Fri, 20 Feb 2009, Franck Martin wrote:
>> Should we not query every time the DNS, to check that this domain will
>> sign every message as policy and that a non signed message is
>> therefore invalid?
>
> You would then only query for a non-signed message, not every message.
>
>> In the case of the ebay announcement that all messages will have a
>> DKIM signature, how do you implement at the receiving MTA level this
>> verification?
>
> Why is there a need if the message is signed and the signature validates?
I believe he is referring to the new fact "Ebay ALWAYS sign messages"
can be used as a RULE when they isn't one present:
Mail purported from Ebay
-> Has No Signature
-> My internal MUST-SIGN-DOMAINS.TXT file say it MUST
-> REJECT!
--
Sincerely
Hector Santos
http://www.santronics.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
