We, and a few other ESPs, implemented the x= tag originally for the purpose of reducing the window of opportunity for DKIM replay attacks. Yes I know It's a controversial topic, enforcement is optional and the RFC states it is not intended for that purpose but, in a layered approach against messaging abuse, I think everything plays its part.
Alberto | MailUp ________________________________ Da: mailop <mailop-boun...@mailop.org> per conto di Al Iverson via mailop <mailop@mailop.org> Inviato: giovedì 10 ottobre 2024 00:47 A: mailop <mailop@mailop.org> Oggetto: [mailop] DKIM: Who's using the x tag? Report Suspicious<https://us-phishalarm-ewt.proofpoint.com/EWT/v1/CE2HOkgrh8g!jqqgigASl9RdxfhOk5KvgzIwkgBF_gy2A9wzn5jt9JK4xKZc-f9EHvM07EMUjdIa1L-j6fkwQzHQTZr7uKidJcAaaYrQnhExLwEpPfAFI2j-5XK-1t1B3JiE$> I love the idea of the X tag with DKIM to set an expiration date after which the signature should no longer be considered valid. (As described here, and many other places: https://support.valimail.com/en/articles/8466469-dkim-faqs ). But who actually has implemented this, if anyone? Are you aware of any ISPs, ESPs, automation platforms, anyone, who has done so? I'm not finding much. If you've got any evidence of x= in the wild that you care to share, thank you kindly in advance! Cheers, Al Iverson -- Le informazioni contenute in questo messaggio e negli allegati sono riservate, confidenziali e rivolte ai destinatari previsti. Qualora Lei non fosse la persona a cui il presente messaggio è destinato, o se lo avesse ricevuto per errore, La invitiamo a contattare il mittente, procedendo poi all'immediata cancellazione del messaggio. Ricordiamo che la diffusione, la riproduzione o la divulgazione del presente messaggio o delle informazioni in esso contenute senza autorizzazione del mittente è vietata. Per ogni ulteriore informazione può fare riferimento al sito www.teamsystem.com<https://www.teamsystem.com> o inviare una mail a priv...@teamsystem.com<mailto:priv...@teamsystem.com>. The information contained in this message and in the attachments are proprietary, confidential and addressed only to the intended recipients. In case you are not the person to whom the present message is intended, or if you have received it by mistake, we invite you to contact the sender, then proceeding with the immediate cancellation of the message. We remind you that the dissemination, reproduction or disclosure of this message or the information contained therein without the sender's authorization is prohibited. For any further information, please refer to www.teamsystem.com<https://www.teamsystem.com> or send an email to priv...@teamsystem.com<mailto:priv...@teamsystem.com>. P Stampa questa eMail solo se realmente necessario - Please consider your environmental responsibility before printing this eMail
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
