On 8/14/16 6:46 AM, Steve Atkins wrote: > If there were a protocol that said "if you receive mail signed by this > domain / this key and the recipient isn't in the To: or Cc: field, > block it", or some similar protocol that signed the envelope > recipient, that would pretty much eliminate DKIM replay as a threat in > some cases.
That would be a DKIM flag, right? And you don't want to block- you just want the signature treated as invalid. Then normal DMARC processing could occur. Eliot
signature.asc
Description: OpenPGP digital signature
_______________________________________________ mailop mailing list [email protected] https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
