ADSP test #2 with DKIM=DISCARABLE

12 views

Skip to first unread message

Hector Santos

unread,

Oct 16, 2009, 4:06:39 AM10/16/09

to dkim-s...@googlegroups.com

Simple test from Thunderbird MUA.

--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com

Hector Santos

unread,

Oct 16, 2009, 4:17:39 AM10/16/09

to dkim-s...@googlegroups.com

Hector Santos wrote:

>
> Simple test from Thunderbird MUA.
>

These two test show GOOGLE is not supporting (violating) RFC 5617 for
domains who have an ADSP DNS record DKIM=ALL or DKIM=DISCARDABLE.

By ignoring RFC 5617, two problems are created:

1) Google is accepting mail from ISDG.NET that is not signed.
This allows for forged or spoofed ISDG.NET mail submissions
into this group by any client.

2) Google is forwarding signed mail with d=googlegroups.com
as a 3rd party. Any list member downlink receiver (MDA)
who is supporting RFC 5617 will potentially reject/discard
the message.

Reply all

Reply to author

Forward

0 new messages