In <[email protected]>, on 02/12/2012
at 06:02 PM, "Bank Security" <[email protected]> said:
>Sigh++. If you'd looked at the message you were complaining about,
>you'd have seen a valid DKIM signature with d=banqofamerika.com.
Indeed, but neither DKIM nor SPF is relevant.
>You
can't tell whether that's a phish or a joke
That's because DKIM doesn't provide for the functionality, not because
it can't be done.
>without external knowledge about the domain.
A TXT RR containing a public key would be external knowledge of the
domain.
>As Murray says, speculation about the design of reputation systems
>or of other kinds of authentication are utterly out of scope here.
Then we should be neutral with regard to future technology, not
preclude it.
>PS: Any replies to this message MUST be sent to both the list and
>me.
Then why isn't there a ReplyTo header field?
--
Shmuel (Seymour J.) Metz, SysProg and JOAT
Atid/2 <http://patriot.net/~shmuel>
We don't care. We don't have to care, we're Congress.
(S877: The Shut up and Eat Your spam act of 2003)
_______________________________________________
marf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/marf
