>Hence, I could send a phish as:
>"From: PayPal <[email protected]>"
Um, you must be new here. We've argued about this ad nauseam over the years.

As Dave points out, DKIM does not "validate" anything other than that the message you received is the same as the one the signer signed (for a perhaps too complex version of "the same".) Anyone can sign a message which contains this:

  From: PayPal security <[email protected]>

or even this:

  From: PayPal security <[email protected]>

Despite a great deal of wishful thinking to the contrary, DKIM signatures are only useful to the extent you recognize the signer and have a good or bad opinion of the mail they sign. This is one of the reasons I've argued that ADSP is not useful; that it is trivial to circumvent if it becomes widely enough used to be an issue for phishers.

R's,
John

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
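John's point, that a valid DKIM signature tells you who signed and nothing about whether the From header is truthful, as an added Python example that is not from this thread: it pulls the d= tag out of a constructed message's DKIM-Signature header and compares it with the domain of the From address, the identifier-alignment check that DMARC later standardised. The sample messages, domains and the signer_alignment function are my own assumptions, and no cryptographic verification is performed.

```python
import email
from email.utils import parseaddr

# Constructed sample (not from the thread): a message signed by one domain
# whose From header shows a brand name and an address at a different domain.
SPOOFED_DISPLAY = """\
DKIM-Signature: v=1; a=rsa-sha256; d=mailer.example.net; s=sel1;
 h=from:to:subject; bh=placeholderbodyhash=; b=placeholdersignature=
From: "PayPal security" <security@paypal.example>
To: user@example.org
Subject: Account notice

Hello.
""".encode()

# Same message, but signed by the domain that appears in the From address.
ALIGNED = SPOOFED_DISPLAY.replace(b"d=mailer.example.net", b"d=paypal.example")


def dkim_tags(sig_header: str) -> dict:
    """Split a (possibly folded) DKIM-Signature value into its tag=value pairs."""
    tags = {}
    for part in sig_header.replace("\r\n", "").replace("\n", "").split(";"):
        if "=" in part:
            key, value = part.split("=", 1)  # b= and bh= values contain '='
            tags[key.strip()] = value.strip()
    return tags


def signer_alignment(raw: bytes) -> dict:
    """Report who signed versus what the From header claims; a signature that
    verifies only proves the signer's identity, so the two must be compared."""
    msg = email.message_from_bytes(raw)
    display_name, addr = parseaddr(str(msg.get("From", "")))
    from_domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    signers = [dkim_tags(str(s)).get("d", "").lower()
               for s in msg.get_all("DKIM-Signature") or []]
    signers = [d for d in signers if d]
    # Relaxed alignment approximated as exact match or From domain under d=.
    aligned = any(from_domain == d or from_domain.endswith("." + d)
                  for d in signers)
    return {"display_name": display_name, "from_domain": from_domain,
            "signers": signers, "aligned": aligned}
```

A passing signature with aligned=False means exactly what the reply says: the signer is real, but it vouches for nothing the display name claims.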
