On Sat, Apr 12, 2025 at 12:45 AM Dave Crocker <d...@dcrocker.net> wrote:
> > The mailbox provider's explanation that this is entirely legitimate > email, that comes from where it says it does, has a DKIM1 signature that > > attests to it not being altered in any way cuts little ice. > > Looks like you are viewing my comments as meaning nothing should be done > about DKIM Replay. But I never said nor implied that. > > It is, however, curious that there is no interest in considering that > the relatively few platforms generating this problem, through a lack of > accountability, might maybe oughta be considered for making some changes > to -- and I am sure this will be a surprising suggestion -- their > controls on their users? > I think that's a pretty clear, simple, and noble assertion, but the problem is that it is really really really hard to achieve at the scales we're talking about, especially in the presence of motivated and incentivized bad actors. That's not an attempt to deflect accountability at all; it is a resignation that it's virtually impossible to close that hole completely, which leads us to the "Is there some other technical solution that can help here?" question. And here we are. -MSK
_______________________________________________ Ietf-dkim mailing list -- ietf-dkim@ietf.org To unsubscribe send an email to ietf-dkim-le...@ietf.org
