this is a german Web-Mirror of MHONARC.ORG powered by Domainunion AG

ietf-smtp
[Top] [All Lists]

RE: More comments on: draft-melnikov-smtp-priority-02

2011-07-13 22:59:29

-----Original Message-----
From: owner-ietf-smtp(_at_)mail(_dot_)imc(_dot_)org 
[mailto:owner-ietf-smtp(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Alexey 
Melnikov
Sent: Tuesday, July 12, 2011 10:34 AM
To: Alessandro Vesely
Cc: carlberg(_at_)g11(_dot_)org(_dot_)uk; SMTP Discussion
Subject: Re: More comments on: draft-melnikov-smtp-priority-02

Second, protecting MT-Priority by DKIM-signing it results in broken
signatures in case the priority is altered by a conforming server
before relaying to a non-conforming one.

Right. This is indeed a problem. But I am not yet sure what would be
more important - preserving the priority value (in case some downstream
MTA support it), or preserving the DKIM Signature. I need to think a
bit more about that.

If the MTA is DKIM-aware, it could detect whether MT-Priority is signed and 
then decide not to change it.  But that seems pretty complicated.

I think in this case it should simply re-sign the message after alteration.

You could also discourage signing of it, citing this example.