[Asrg] where the message originated
Dave CROCKER
dhc at dcrocker.net
Mon Jan 12 13:15:25 PST 2009
Franck Martin wrote:
> I have run a series of tests, where I sign a message (sent by me) but with
> only the Return-path containing my domain (DKIM does not sign the return-path
> as recommended in the spec).
DKIM has nothing to do with the rfc5321.MailFrom address or anything else in
SMTP. It is a message-level mechanism, not transfer-level.
The dkimbase signing specification's reference to return-path cautions *against*
including it as part of the signature data.
What are you referring to about "as recommended in the spec"?
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
More information about the Asrg
mailing list