I was at the same event and I do think this may have some merit. Mike
On 10/29/09 9:45 AM, "Dave CROCKER" <[email protected]> wrote: > > > > Rolf E. Sonneveld wrote: >>> >> ... if they can do so, you accept the entire email. >>> >> >>> >> In either case you accept the entire email, >> > >> > Not necessarily. Many if not most Edge ADMD MTA's perform all sorts of >> > actions after the MAIL FROM phase and before the DATA phase. Think of >> > greylisting, call back verification, use of RHSBL, use of local BL and >> > WL's, etc. etc. > > > I was just at a session at an industry trade association where the question of > doing DKIM during SMTP came up. There were operations folk who very much > liked > the idea of being able to obtain some DKIM benefit during the SMTP session, > before the dot... > > No one suggested modifying SMTP or DKIM specifications. > > What /was/ discussed was the possibility of doing a signature that would > validate before DATA. This merely requires a signature that does not cover > the > body. > > I can't say that anyone sounded hugely enthusiastic about this, but given that > there was interest in SMTP-time benefit, I think they just needed to think > about > this more. > > Having two signatures, with one covering the body and relevant parts of the > message header, and the other only covering the header, strike me as a > plausible > use of DKIM, worth considering. I've no idea whether it would provide any or > enough value-add. However it is only a stylized use of the existing standard, > and so the cost of experimenting with it is reasonable. > > d/ > > -- > > Dave Crocker > Brandenburg InternetWorking > bbiw.net > _______________________________________________ > NOTE WELL: This list operates according to > http://mipassoc.org/dkim/ietf-list-rules.html >
_______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
