Spam Resource: ICYMI: Understanding DKIM Replay Attacks

Al Iverson just published a new insightful article on Spam Resource:

My friends at the Certified Senders Alliance put on a fantastic (if I do say so myself) webinar this week, where Sebastian Kluth (CSA), Fredrik Poller (Halon) and yours truly (Al Iverson) shared our thoughts and understanding about DKIM Replay Attacks. If you missed it, never fear! I’ve got a recap and recording for you below. An Overview of DKIM Replay: Email forwarding with malicious intent A DKIM replay attack involves taking an already sent message and re-injecting it via SMTP to new recipients. Often, lots of recipients. Bad guys utilize a loophole in the concept of DKIM authentication in that DKIM was meant to allow for email forwarding without failing authentication, so authentication signatures are based on the domain, content and headers, without any consideration for what server (or what IP address) transmitted that email message. Authentication is effectively divorced from infrastructure and encased entirely with the email message

Continued here: ICYMI: Understanding DKIM Replay Attacks