[Asrg] where the message originated (was: DKIM role?) (SM)
Dotzero
dotzero at gmail.com
Mon Jan 19 10:37:50 PST 2009
On Mon, Jan 19, 2009 at 12:48 PM, Ian Eiloart <iane at sussex.ac.uk> wrote:
>
>
> --On 19 January 2009 07:55:26 -0800 SM <sm at resistor.net> wrote:
>
>> At 03:55 19-01-2009, Ian Eiloart wrote:
>>>
>>> Er, a lot. Would you rather bank with an organisation that published
>>> SPF records, or not? I know I would.
>>
>> I would prefer if my bank used a mechanism for email that protects the
>> integrity of the content.
>>
>>> I'd also like an email client that tells me when the From: header
>>> domain doesn't match the return-path domain.
>>
>> There are cases where the From: header may not match the Return-path
>> domain; for example, messages from this mailing list. It's also common
>> for web-generated email traffic but that's mainly because most users are
>> not aware that specifying the email address for the From: header doesn't
>> set the email address for the Return-path.
>
> Yes, I know. Presumably your bank doesn't email you through this list or any
> other, though. What I'm after here is avoiding bank phishing. When
> communicating with my bank, I want them emailing me directly, to my current
> email address.
>
> I'd be just as happy if they used DKIM to sign the message. I'd still need
> my mail client to tell me that it was signed properly, though. And, signed
> by the owner of the address that I can see in the message headers.
>
How happy will you be when your ISP checks the DKIM signature
upstream from your mail client, adds in x-headers showing the check
(and possibly other things) and breaks the signature?
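
The header comparison discussed in this thread (From: domain against the Return-Path domain and against the DKIM d= tag), as an added example that is not part of the original posts. It only compares domains by exact match and does not verify any signature; the function names and the two sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages; domains and header values are placeholders.
DIRECT = """\
Return-Path: <bounces@bank.example>
DKIM-Signature: v=1; a=rsa-sha256; d=bank.example; s=sel1;
 h=from:subject; bh=placeholder; b=placeholder
From: "Example Bank" <alerts@bank.example>
Subject: Statement ready

body
"""
VIA_LIST = """\
Return-Path: <asrg-bounces@lists.example>
From: Some User <user@university.example>
Subject: [list] hello

body
"""

def domain_of(header_value):
    """Lower-cased domain of the address in a header value, or None."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else None

def dkim_domains(msg):
    """d= tag of each DKIM-Signature header. Signatures are not verified here."""
    found = []
    for value in msg.get_all("DKIM-Signature", []):
        tags = dict(t.split("=", 1) for t in value.split(";") if "=" in t)
        d = {k.strip().lower(): v.strip().lower() for k, v in tags.items()}.get("d")
        if d:
            found.append(d)
    return found

def alignment(raw):
    """Compare the visible From: domain with Return-Path and DKIM d= (exact match)."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg.get("From"))
    rp_dom = domain_of(msg.get("Return-Path"))
    return {
        "from": from_dom,
        "return_path": rp_dom,
        "return_path_aligned": from_dom is not None and from_dom == rp_dom,
        "dkim_aligned": from_dom is not None and from_dom in dkim_domains(msg),
    }

if __name__ == "__main__":
    for name, raw in (("direct", DIRECT), ("via list", VIA_LIST)):
        print(name, alignment(raw))
```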