Rhialto <rhialto%falu.nl@localhost> writes:

> Personally, I would consider everything that changes my From: header
> to be a misrepresentation and fraud.

Agreed, basically.

> So SPF and DKIM are... not my favourites.

They aren't the problem. DKIM is a signature put on by the sending domain's MTA, and when the message is modified, it correctly detects that problem.

SPF can be used to check that when a MAIL FROM identity is asserted (envelope sender), that the sending domain is ok with it coming from that address. Checking this can allow declining messages with forged MAIL FROM.

The problem is the combination of DKIM, and DKIM mandatory checking (DMARC) mailing lists that modify the mail, to make it be something different from what the sender sent (changing subject, adding junk at the end and

NetBSD's mailing lists do not have these modification problems. (This is not surprising; NetBSD has a culture of good judgement. :-)

The next problem is that when mailing lists are modifying mail and running into DMARC issues, a typical response is to forge more headers, rather than refraining from modifying the message.
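An added example, not part of the original message: a sketch of the DKIM body-hash (`bh=`) check with relaxed body canonicalization (RFC 6376, section 3.4.4), showing that whitespace-only changes in transit survive while a footer appended by a list does not. The sample bodies and function names are constructed for illustration, and the header hash and signature verification are left out.

```python
import base64
import hashlib
import re

def canon_body_relaxed(body: bytes) -> bytes:
    """Relaxed body canonicalization: collapse runs of whitespace inside a
    line, strip whitespace at line ends, drop empty lines at the end."""
    lines = body.replace(b"\r\n", b"\n").split(b"\n")
    lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    while lines and lines[-1] == b"":
        lines.pop()
    # Every remaining line ends in CRLF; an empty body stays empty.
    return b"".join(ln + b"\r\n" for ln in lines)

def body_hash(body: bytes) -> str:
    """Value a signer places in bh= when using a=rsa-sha256, c=.../relaxed."""
    digest = hashlib.sha256(canon_body_relaxed(body)).digest()
    return base64.b64encode(digest).decode("ascii")

def bh_matches(signed_bh: str, received_body: bytes) -> bool:
    """Verifier side: recompute the hash over the body as received."""
    return body_hash(received_body) == signed_bh

# Constructed sample bodies (not taken from any real message).
ORIGINAL = b"Hello list,\r\n\r\nSPF and DKIM are fine.\r\n"
# Same text after a relay added trailing blanks and empty lines.
REWRAPPED = b"Hello list,  \r\n\r\nSPF  and DKIM are fine.\r\n\r\n\r\n"
# Same text after a list manager appended a footer.
WITH_FOOTER = ORIGINAL + b"-- \r\nconstructed list footer\r\n"

def demo() -> dict:
    signed_bh = body_hash(ORIGINAL)  # computed by the sending domain's MTA
    return {
        "unmodified": bh_matches(signed_bh, ORIGINAL),
        "whitespace_only": bh_matches(signed_bh, REWRAPPED),
        "footer_appended": bh_matches(signed_bh, WITH_FOOTER),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:16} body hash {'matches' if ok else 'MISMATCH'}")
```
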