DKIM - Weaknesses - Arbitrary Forwarding

Arbitrary Forwarding

As mentioned above, authentication is not the same as abuse prevention: DKIM does not prevent a spammer from composing an ad at a reputable domain in order to obtain a signed copy of the message. Using an l tag in a signature makes doctoring such messages even easier. The signed copy can then be forwarded to millions of recipients, e.g. through a botnet, without any control. The email provider that signed the message can block the offending user, but cannot stop the spread of messages that are already signed. The validity of signatures on such messages can be limited by always including an expiration time tag in signatures, or by revoking a public key periodically or upon notification of an incident. The effectiveness of this scenario can be limited by filtering outgoing mail, ensuring that messages potentially useful to spammers are not signed, or simply not sent.
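
An added example, not part of the original page: a Python check that parses a DKIM-Signature header and reports the two signature properties discussed above, the presence of an l (body length) tag and a missing or expired x (expiration) tag. The function names, the 7-day lifetime policy and the sample headers are assumptions constructed for illustration.

```python
import re
import time

def parse_dkim_tags(header_value):
    """Parse a DKIM-Signature tag-list (RFC 6376 sec. 3.2) into a dict."""
    unfolded = re.sub(r"\r?\n[ \t]+", " ", header_value)  # undo header folding
    tags = {}
    for item in unfolded.split(";"):
        if not item.strip():
            continue
        name, sep, value = item.partition("=")
        if not sep:
            raise ValueError(f"malformed tag: {item!r}")
        name = name.strip()
        if name in tags:
            raise ValueError(f"duplicate tag: {name}")
        tags[name] = value.strip()
    return tags

def audit_signature(header_value, now=None, max_lifetime=7 * 86400):
    """Return findings for a signature that stays replayable or extendable.

    max_lifetime is a local policy value assumed for this example.
    """
    now = int(time.time()) if now is None else now
    tags = parse_dkim_tags(header_value)
    findings = []
    if "l" in tags:
        findings.append("l= present: body content past the signed length is unsigned")
    if "x" not in tags:
        findings.append("no x= tag: signature never expires")
    else:
        expires = int(tags["x"])
        if expires <= now:
            findings.append("x= in the past: signature expired")
        elif "t" in tags and expires - int(tags["t"]) > max_lifetime:
            findings.append("x= lifetime exceeds policy")
    return findings

# Constructed sample headers (not real signatures; b=/bh= values are dummies).
SAMPLE_WEAK = ("v=1; a=rsa-sha256; d=example.com; s=sel1; t=1700000000;\r\n"
               "\tl=120; h=from:to:subject; bh=AAAA; b=BBBB")
SAMPLE_BOUNDED = ("v=1; a=rsa-sha256; d=example.com; s=sel1; t=1700000000;\r\n"
                  "\tx=1700086400; h=from:to:subject; bh=AAAA; b=BBBB")

if __name__ == "__main__":
    for label, hdr in (("weak", SAMPLE_WEAK), ("bounded", SAMPLE_BOUNDED)):
        print(label, audit_signature(hdr, now=1700003600))
```

This only inspects signature tags; it does not verify the signature itself, which still requires the signer's public key.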
