Right, maybe it wasn’t very clearly stated - obviously to do anything with DKIM you’re signing messages, proving to the recipient mail server that the message is authentic. The goal is to avoid creating transferable proof that the message is authentic - by the time the recipient shares the email with someone else the private key is public and that someone else only sees that the recipient either received the email or put the email in their inbox using IMAP, but has no idea which.
Matt > On Jul 11, 2020, at 08:21, Ralph Seichter via mailop <[email protected]> > wrote: > > * Matt Corallo via mailop: > >> The goal isn't to sign emails, in fact ideally we wouldn't have to at >> all. The goal is only to get the deliveability advantages of DKIM >> *without* signing (or at least without non-reputably signing) email. > > I'm struggling with your stated goal. If you don't DKIM-sign outbound > messages, you won't have "advantages", as you put it. If you do sign > your messages but the verification fails, there won't be advantages > either. > > Only if the DKIM signature verification succeeds, the receiving party > may (!) count this in your favour, but you cannot influence what happens > at the recipient's end beyond creating a proper DKIM signature. > > -Ralph > > _______________________________________________ > mailop mailing list > [email protected] > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop _______________________________________________ mailop mailing list [email protected] https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
