On Tue, 8 Jun 2004, Steffen Kaiser wrote: > 1) Because the key (a random value) is used by a particular host, I trust > it. > 2) The host would, if it sends me mail, either add such header anew or > overwrite an existing one; or remove the header at all. > 3) When spooling the message, the header is removed.
Correct. > "The key should be kept confidential, but it's not disastrous if it leaks > out." That's because an outsider cannot slipstream the correct header, > because: > either the outsider cannot use the same IP than my trusted hosts or, if > the mail gets relayed through one of the trusted ones, the key gets > deleted or overwritten by the trusted host. Right. It's not exactly military-grade security, but unless someone can spoof your IP address, it's reasonable. > A more "correct" (robust / secure) method would be to use certificates > communicating between trusted hosts, right? Yes. Something like Yahoo's DomainKeys scheme can be used to guarantee that a message passed through a particular server. That's required on the Internet, but in a more controlled network, a simpler (but less secure) system is probably OK. Regards, David. _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
