> Don't think of DKIM as being inviolate offering only a disjointed > sacrosanct identifier. DKIM process must also guard against the > exploitation of its results
+1 By DKIM process, I would include anything cognizant of DKIM upto but not including the MUA. Mike's secret sauce would count here, eg. I for one would have dumb sauce. Perhap prefixing unsigned headers with "DKIM-hidden-" such that only DKIM aware MUAs will render original unsigned content. As others have said, there is nothing between DKIM and the MUA that prevent DKIM exploitation so who is going to solve that problem if not us? Mark. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
