As I see it, the problem isn't with DKIM, it's with the
implementation of DMARC and other such filters. Almost all
of them TEST THE WRONG FROM ADDRESS. They compare the Author's
address (the header From: line) instead of the Sender's address,
(the SMTP Mail From: transaction or Sender: header line).
For personal mail, these are almost always the same, but for
properly-functioning mailing lists, the Author address is the
email address of the person submitting the posting to the mailing
list, and the Sender address is the error-return ("bounce") address
of the mailing list.
If the filter checked the Sender address of mail instead of the
Author address, mailing lists wouldn't be broken!
- Brian
I don't think DKIM is (the source of) /the/ problem per say. Rather I think it's a complication of other things (DMARC) that interact with DKIM.
it's with the implementation of DMARC and other such filters. Almost all of them TEST THE WRONG FROM ADDRESS. They compare the Author's address (the header From: line) instead of the Sender's address, (the SMTP Mail From: transaction or Sender: header line).
I believe it's more than just the implementation. The DMARC specification specifically calls out the RFC 5322 From: header.
Further, RFC 7489, Appendix A, § 3 speaks directly to this.
If the filter checked the Sender address of mail instead of the Author address, mailing lists wouldn't be broken!
Perhaps. However I fear we would be facing an entirely new type of spam that used spoofed From: headers and perfectly legitimate Sender: headers (that also match the RFC 5321 SMTP FROM address.) See RFC 7489 § A.3.1
In article <20171129183535.GB18534@UCSD.Edu> you write:
As I see it, the problem isn't with DKIM, it's with the
implementation of DMARC and other such filters. Almost all
of them TEST THE WRONG FROM ADDRESS. They compare the Author's
address (the header From: line) instead of the Sender's address,
Sigh. I have my differences with the people who designed DMARC but
they are not stupid and they really do understand the relevant RFCs.
Some of them even wrote some of those RFCs.
The reason they look at the From: line is that's the one recipients
see. The Sender: header was a nice idea but in practice, it's not
useful.
Not old enough to have had an Executive Secretary processing your incoming snail-mail before it gets to you?
The "envelope" in which a letter arrived is just as important as the letter itself and contains valuable information that is duplicated in e-mail -- the postmark (received headers), the return address (mail from); and, the delivery address (mail to).
It was an offense to discard the envelope in which correspondence arrived since it is used to determine the validity of the snail mail.
Current e-mail clients are comparable to having a secretary that throws out the envelope and snips off most of the inside addressing information and delivers only the heavily redacted letter so that no determination of its validity is possible.
In article <11e9c18dac053c4bb91b95a4993c116f@mail.dessus.com> you write:
Not old enough to have had an Executive Secretary processing your incoming snail-mail before it gets to you?
Probably about the same age as you, but I hope that after 50 years of
e-mail we have figured out that the parallels with paper mail are
imperfect. The e-mail envelope is a metaphor, you know.