On 4 Apr 2025, at 14:31, John R. Levine wrote:
> On Fri, 4 Apr 2025, Jim Fenton wrote: >>> My understanding is that it means forwarders /always/ rewrite the bounce >>> address. It could be SRS or anything to a similar effect. >> >> They don’t always do that. A “transparent forwarder” (think ~/.forward or >> /etc/aliases in *nix) typically leaves the envelope-from address alone. That >> is a long-standing behavior that isn’t likely to change. > > Look at the motivation document. The idea is there's a signature per hop, > with the bounces sent back hop by hop. This addresses several problems: a > hop can undo changes so it doesn't reveal its downstream addresses, and an > ESP that mails on behalf of a company can get the bounces and deal with them > rather than having them go to the company which has no idea. This was a review of the motivation document, so I was looking at it. I may have understood Ale’s comment. Apparently transparent forwarders like I described, which of course will still exist, are not compatible with DKIM++. So the original comment might have been intended to be, “it means forwarders that are compatible with DKIM++ /always/ rewrite the bounce address”. -Jim _______________________________________________ Ietf-dkim mailing list -- ietf-dkim@ietf.org To unsubscribe send an email to ietf-dkim-le...@ietf.org
