Atlas48
/
cracker
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update index.md

This commit is contained in:
cosmos88 2019-02-10 03:08:14 +05:30 committed by GitHub
parent 3872f4e24e
commit 82744a7858
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
index.md
View File

@ -42,12 +42,14 @@ But while forwarding they additionally add their DKIM signature to the mail and
According to [rfc6376](https://tools.ietf.org/html/rfc6376#page-34)
```A message might also have multiple signatures because it
```
A message might also have multiple signatures because it
passed through multiple Signers. A common case is expected to be
that of a signed message that passes through a mailing list that also
signs all messages. Assuming both of those signatures verify, a
recipient might choose to accept the message if either of those
signatures were known to come from trusted sources.```
signatures were known to come from trusted sources.
```
Most of the Verifiers (receivers) choose to process signatures corresponding to the `From` field in the message header before other signatures.
When a receiver uses SPF, the receiver looks at the domain found in the RFC5321.MailFrom to figure out where to look for an SPF record. The RFC5321.MailFrom address is the entity that is passed along as part of the “MAIL FROM” command during the SMTP conversation. When an SPF check successfully completes, the receivers ends up with an “Authenticated Identifier” that is the domain of the RFC5321.MailFrom. So at the receiver's end SPF check always get passed on behalf of the forwarder's IP and not the sender's IP( sender ip == attacker ip)