On Mon, 30 May 2011, Steve Atkins wrote: > The most obvious thing that MLMs do that invalidate signatures are 1. > append content to the body and 2. prepend content to the subject line. Any > approach that allows me to replay messages while making those changes > seems to open the door to abuse.
Look at the big picture though. It is true that once spammers adapt to it, a weak signature that tolerates appended body text and a mutilated subject will have an atrocious false negative rate. But, right now we have a 100% false negative rate for purported senders who use mailing lists, since such senders will not publish dkim=discardable. A loose signature can only improve things. Also, there's another way a weak signature could be helpful, even if it was *so* weak that it forgives any message mutilation other than to the To: and Cc: headers: My mailserver is programmed to refuse blind carbon copies (with exceptions for the mailing lists I subscribe to). If a forger attempted to lurk on a mailing list and then replay the shortest message he sees there with his spam appended, he still won't be able to reach me, since the To: header will contain that list's submission address, and not my address. (If he used a list I subscribe to, he still loses. My exceptions are keyed on the MAIL FROM:, and SPF guards that.) ---- Michael Deutschmann <[email protected]> _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
