Re: AddAllSignatureResults

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Murray S. Kucherawy <msk_at_blackops.org>
Date: Thu, 13 Jun 2013 12:42:07 -0700 (PDT)

On Thu, 13 Jun 2013, Scott Kitterman wrote:
> You do realize that now that you have signed messages with length limits
> in the wild, anyone can harvest a copy of the message from a list
> archive, append arbitrary text to the end of the message, resend it, and
> it'll pass DKIM. I would suggest not doing that. In fact, if it were
> me, I'd move to a new selector with a new key and never ever set "l"
> again.

One suggestion I've heard is to have a different subdomain for mail that
goes to places where "l" is in use, so that if such attacks happen, the
reputation of the subdomain suffers without (hopefully) dragging down the
main domain.
Received on Thu Jun 13 2013 - 19:42:24 PST

This archive was generated by hypermail 2.3.0 : Thu Jun 13 2013 - 19:45:01 PST