| ▲ | brongondwana a day ago | |||||||||||||||||||||||||
I'm working on the solution to this (co-authors from Google and Yahoo, it's legit): https://datatracker.ietf.org/doc/draft-gondwana-dkim2-motiva... Note that it doesn't help avoid Google actually sending out a message with user-provided text in it, but it does stop it being replayed to you without Google intending it, because the SMTP FROM/TO are protected. The motivation draft doesn't include technical detail, see early drafts of the technical detail in the various related docs at: | ||||||||||||||||||||||||||
| ▲ | brongondwana a day ago | parent | next [-] | |||||||||||||||||||||||||
Bah, the datatracker doesn't list the candidate documents. Here's some direct links: https://datatracker.ietf.org/doc/draft-chuang-dkim2-dns/ https://datatracker.ietf.org/doc/draft-gondwana-dkim2-header... https://datatracker.ietf.org/doc/draft-gondwana-dkim2-modifi... https://datatracker.ietf.org/doc/draft-robinson-dkim2-bounce... https://datatracker.ietf.org/doc/draft-robinson-dkim2-messag... | ||||||||||||||||||||||||||
| ▲ | btown a day ago | parent | prev [-] | |||||||||||||||||||||||||
How would this work with mailing lists/groups? A common pattern is to have emails from third parties to e.g. accounts-payable@example.com be auto-forwarded to members of the relevant team. Would the end recipient team member's receiving system need to be set to "trust" the mailing list forwarder, or internally track what lists it is on to be able to understand that the original recipient accounts-payable is a valid recipient? | ||||||||||||||||||||||||||
| ||||||||||||||||||||||||||