Postfix BIMI support?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Postfix BIMI support?

Jonathan Sélea
Recently stumpled upon BIMI;

https://authindicators.github.io/rfc-brand-indicators-for-message-identification/#rfc.section.3

What is your view on it? I think that BIMI is more a cosmetic thing
rather than something that prevent spoofing.

Is there any plans to implement support for it in postfix?



smime.p7s (5K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Postfix BIMI support?

Patrick Ben Koetter-2
Jonathan,

BIMI adds an URI as header to a message. It is supposed to point to a
location, where mail clients can download an image, which is supposed to
show a brand indicator, vulgo "logo".

Which kind of support would you expect from an MTA such as Postfix?

p@rick


Am 13.12.2017 um 09:38 schrieb Jonathan Sélea:

> Recently stumpled upon BIMI;
>
> https://authindicators.github.io/rfc-brand-indicators-for-message-identification/#rfc.section.3
>
>
> What is your view on it? I think that BIMI is more a cosmetic thing
> rather than something that prevent spoofing.
>
> Is there any plans to implement support for it in postfix?
>
>
--
[*] sys4 AG
 
https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG,80333 München
 
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Aufsichtsratsvorsitzender: Florian Kirstein
 



smime.p7s (5K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Postfix BIMI support?

Wietse Venema
In reply to this post by Jonathan Sélea
Jonathan S?lea:
> Recently stumpled upon BIMI;
>
> https://authindicators.github.io/rfc-brand-indicators-for-message-identification/#rfc.section.3
>
> What is your view on it? I think that BIMI is more a cosmetic thing
> rather than something that prevent spoofing.
>
> Is there any plans to implement support for it in postfix?

Just like Postfix supports DKIM, DMARC and SPF.

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: Postfix BIMI support?

Viktor Dukhovni
In reply to this post by Jonathan Sélea


> On Dec 13, 2017, at 3:38 AM, Jonathan Sélea <[hidden email]> wrote:
>
> Recently stumpled upon BIMI;
>
> https://authindicators.github.io/rfc-brand-indicators-for-message-identification/#rfc.section.3
>
> What is your view on it? I think that BIMI is more a cosmetic thing rather than something that prevent spoofing.
>
> Is there any plans to implement support for it in postfix?

BIMI is a bad idea.  Any icons for origin domains should be
selected by the receiving user, and then ongoing authenticated
messages from the same domain will get the user's selected
icon.  A suggested icon could be included in the message
by the sending MUA.

Having MTAs making trust judgements on user-interface security
signals is poor design.  

--
        Viktor.