[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Asrg] where the message originated
yes, that part, dkimbase reference to not include return-path as part of the signature data, because it is likely to be modified during transit.
----- Original Message -----
From: "Dave CROCKER" <dhc at dcrocker.net>
To: "Franck Martin" <franck at avonsys.com>
Cc: dcrocker at bbiw.net, "Anti-Spam Research Group - IRTF" <asrg at irtf.org>
Sent: Tuesday, 13 January, 2009 9:15:25 AM (GMT+1200) Auto-Detected
Subject: Re: [Asrg] where the message originated
Franck Martin wrote:
> I have run a series of tests, where I sign a message (sent by me) but with
> only the Return-path containing my domain (DKIM does not sign the return-path
> as recommended in the spec).
DKIM has nothing to do with the rfc5321.MailFrom address or anything else in
SMTP. It is a message-level mechanism, not transfer-level.
The dkimbase signing specification's reference to return-path cautions *against*
including it as part of the signature data.
What are you referring to about "as recommended in the spec"?
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
Asrg mailing list
Asrg at irtf.org
http://www.irtf.org/mailman/listinfo/asrg