On 3/7/20 3:53 PM, Sean Donelan wrote:
On Sat, 7 Mar 2020, John Levine wrote:
This must be some DKIM other than the one the IETF standardized and
every large mail provider uses to manage mail streams. There's no
CA's, you publish your own verification key in your DNS, and it costs
nothing beyond the software upgrades to use.
Most DNS registers avoid verifying customer information as long as the
payment clears (for a short time). DKIM (and DNSSEC) is built on top
of trusting tokens from third-parties which disclaim all liability.
That's not how DKIM works at all. Even a little bit.
Mike
