I don’t think it’s a silly question. In fact I recently approached the Mailman
people to explore this question from their perspective.
It may be interesting or even somewhat useful to set up a new header
canonicalization that tolerates this kind of thing for lists, but the real
problem is
Knowing that many mailing lists add [topic] at the beginning of the Subject
line, what if DKIM was set to ignore that part when signing/verifying?
Apart from what's been said:
We did discuss this, long ago. Suppose a spammer used that to replay
signed list messages, changing this:
Subject:
if you folks get this message, the problem must be fixed...
sorry for the hiccup.
d/
On 3/31/2011 4:24 AM, Franck Martin wrote:
telnet mipassoc.org 80
Trying 2001:470:1:76:::4834:7146...
telnet: connect to address 2001:470:1:76:::4834:7146: Host is down
Trying 72.52.113.70...
On 3/31/2011 9:08 AM, Murray S. Kucherawy wrote:
I don’t think it’s a silly question. In fact I recently approached the
Mailman
people to explore this question from their perspective.
It may be interesting or even somewhat useful to set up a new header
canonicalization that tolerates
On Mar 30, 2011, at 11:49 PM, Jim Fenton wrote:
. Goodmail ..
. .
V V
Client - Mail - Transfer - Service - Receiver - Recipient
Goodmail interacted with the creator
On 31 Mar 2011, at 03:16, Franck Martin wrote:
Silly question (?):
Knowing that many mailing lists add [topic] at the beginning of the Subject
line, what if DKIM was set to ignore that part when signing/verifying?
That's an implementation issue for verifiers, isn't it? If an rfc were to
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org]
On Behalf Of Ian Eiloart
Sent: Thursday, March 31, 2011 3:45 AM
To: Franck Martin
Cc: ietf-dkim@mipassoc.org
Subject: Re: [ietf-dkim] If DKIM would ignore [] at the beginning of
the
Anyway, the list should be signing messages after adding subject line
prefixes, and after adding body footers. It's the list's signature,
and the list's reputation that need to be assessed by the
recipient. There are many other modifications that a list might make
(like stripping attachments, body
With the output of DKIM being the SDID, the identity associated with the
signature is of course that of the domain. But when my author-specific
domain signs a message for me, it's the domain that does that -- it
doesn't matter that it's an organization of one. Putting author here
just hints
On 3/31/2011 5:49 AM, Jim Fenton wrote:
On 3/29/11 4:53 AM, Dave CROCKER wrote:
Just to be clear: A domain name is capable of being author-specific. I
recognize that it's not typical, but the construct of 'author' is so
fundamental in this game, it's worth acknowledging that it is (still)
On Thu, Mar 31, 2011 at 6:58 AM, Murray S. Kucherawy m...@cloudmark.com wrote:
That's also something we considered when talking to the Mailman people. But
again, this is really a small percentage of what causes author signatures on
list mail to break.
Anyway, the list should be signing
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-
boun...@mipassoc.org] On Behalf Of Al Iverson
Sent: Thursday, March 31, 2011 11:52 AM
To: ietf-dkim@mipassoc.org
Subject: Re: [ietf-dkim] If DKIM would ignore [] at the beginning of
the subject line
On
FWIW, here's how I got DKIM signatures on messages resent by the lists I host
with MailMan two years ago, without needing to wait for MailMan to update
anything at all:
Yup. In most cases, it's really not hard to either tell the MTA to add a
signature on the way out, or use a signing shim
J.D. Falk wrote:
On Mar 31, 2011, at 8:51 AM, Al Iverson wrote:
I think the MLM document makes all of this stuff pretty clear already.
It does to me; it seems like dropping the original signature and
signing with the list manager site signature is the appropriate way to
go.
Yup. The
It looks like the IPv6 address for mipassoc.org isn't working, although
the IPv4 address is.
-Jim
On 3/31/11 1:26 AM, Dave CROCKER wrote:
if you folks get this message, the problem must be fixed...
sorry for the hiccup.
d/
On 3/31/2011 4:24 AM, Franck Martin wrote:
telnet mipassoc.org
The direction of the DKIM specifications since RFC 4871 have been to
rely less and less on the AUID (agent or user identifier, the i= value
on the signature) to the point that it provides no security benefit. On
the other hand, a malformed AUID can cause a DKIM signature not to
verify, and i=
I had the feeling that Y! was using the local part of i= to do differentiation
in reputation. ie various streams within the same domain.
I know the spec intent recommends, different domains for different streams, but
then
Intuition would tell me, that few people are willing (or understand)
17 matches
Mail list logo
