On Wednesday, February 15, 2017 03:55:45 PM Alice Wonder wrote:
> On 02/15/2017 02:22 AM, Dominic Raferd wrote:
> > Thanks for your answer.
> >
> > There may be a problem between DMARC and mailing lists - I avoid
> > p=reject or p=quarantine on domains I use for posting to mailing
> > lists.
> >
> > SPF proves sender identity but final recipient MTA cannot rely on it
> > if there are any intermediate relaying servers between it and the
> > originating MTA; so while SPF=pass proves sender identity, SPF=fail
> > proves nothing. DKIM proves content and/or header integrity but not
> > sender identity (false DKIM can be injected - see
> > http://www.zdnet.com/article/dkim-useless-or-just-disappointing/).
> > DMARC uses alignment to prove identity *and* integrity; it is a
> > solution to a fundamental problem, as I understand it.
>
> I would hope that two different FROM fields would trigger spam filters.
>
> I don't know that they would, but I hope that they would.
>
> Is there a legitimate use for two different from fields?
For what it's worth, stopping this particular problem is trivial. You sign the original message as if there were two From values, the existing one and one that's empty. If someone else adds another one, verification fails. This has been the default behavior in (for example) opendkim and dkimpy since 2012 [a year before the referenced blog post was written]. I wouldn't worry about it too much.

Scott K
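Added example, not part of the message above and not code from opendkim or dkimpy: a simplified model of the header selection in RFC 6376 section 5.4.2, showing why listing From twice in h= makes a later-added From break verification. The SHA-256 digest stands in for the signed header hash (no canonicalization or RSA step), and the addresses are constructed sample values.

```python
import hashlib

def select_signed_headers(headers, h_tag):
    """Pick header instances the way RFC 6376 section 5.4.2 describes:
    each name in h= consumes the last not-yet-used instance of that header
    (bottom to top); a name with no instance left counts as empty."""
    remaining = {}
    for name, value in headers:
        remaining.setdefault(name.lower(), []).append(value)
    selected = []
    for name in h_tag:
        values = remaining.get(name.lower(), [])
        selected.append((name.lower(), values.pop() if values else None))
    return selected

def header_digest(headers, h_tag):
    """Stand-in for the signed header hash: SHA-256 over the selected headers.
    Real DKIM also canonicalizes, includes DKIM-Signature, and signs the hash."""
    h = hashlib.sha256()
    for name, value in select_signed_headers(headers, h_tag):
        if value is not None:  # absent instance = null string, nothing hashed
            h.update(f"{name}:{value.strip()}\r\n".encode())
    return h.hexdigest()

def survives_added_from(h_tag):
    """True if a From header added after signing leaves the digest unchanged,
    i.e. the verifier would still report a pass."""
    original = [  # constructed sample headers
        ("From", "alice@example.org"),
        ("To", "list@example.net"),
        ("Subject", "hello"),
    ]
    # Second From added above the original after signing (constructed value);
    # bottom-up selection still finds the original From first.
    tampered = [("From", "someone-else@example.com")] + original
    return header_digest(original, h_tag) == header_digest(tampered, h_tag)

if __name__ == "__main__":
    print("h=from:to:subject      ->", survives_added_from(["from", "to", "subject"]))
    print("h=from:from:to:subject ->", survives_added_from(["from", "from", "to", "subject"]))
```

To check a real signature for this, look for the header name appearing one more time in the h= tag of DKIM-Signature than it appears in the message.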