2008/9/18 Iulian : >> Parerea mea e ca tu vrei DomainKeys dar nu stii :) > > Posibil sa ia dreptate, daca DomainKeys imi "dovedeste" ca orice mail > care a ajuns la un destinatar, are continutul "original"(asa cum a > plecat din postfix), si nu a fost "manarit" de catre destinatar, dupa > receptie. Din cate stiu eu, DomainKeys certifica doar faptul ca un mail > a fost receptionat de la un anumit server de mail, si nu de la > altul(adica pot spune ca un mail a venit de la gmail.com, si nu din alta > parte - asta pt. ca gmail foloseste DomainKeys). > Daca gresec, suport indrumari catre calea ce dreapta :)
http://en.wikipedia.org/wiki/DKIM DKIM adds a header named "DKIM-Signature" that contains a digital signature of the contents (headers and body) of the mail message. The default parameters for the authentication mechanism are to use SHA-256 as the cryptographic hash and RSA as the public key encryption scheme, and encode the encrypted hash using Base64. The receiving SMTP server then uses the name of the domain from which the mail originated, the string _domainkey, and a selector from the header to perform a DNS lookup. The returned data includes the domain's public key. The receiver can then decrypt the hash value in the header field and at the same time recalculate the hash value for the mail message (headers and body) that was received. If the two values match, this cryptographically proves that the mail originated at the purported domain and has not been tampered with in transit. _______________________________________________ RLUG mailing list [email protected] http://lists.lug.ro/mailman/listinfo/rlug
