Re: [Extra] Is this a plausible IMAP extension ?

Ned Freed <> Sat, 02 March 2019 17:05 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 91C8A130E64 for <>; Sat, 2 Mar 2019 09:05:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id q1AyhXTUAnfJ for <>; Sat, 2 Mar 2019 09:05:02 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 9F299130E66 for <>; Sat, 2 Mar 2019 09:05:02 -0800 (PST)
Received: from by (PMDF V6.1-1 #35243) id <> for; Sat, 2 Mar 2019 08:59:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;; s=201712; t=1551545998; bh=7FAfQPi/VXJ0OKR49TLUMGPHolJEuT3S4n1EILBq2M8=; h=Cc:Date:From:Subject:In-reply-to:References:To:From; b=bVJHgBFT12BFbwdxfY9hxbFc1KtmHZP7CYmlX5jB0UzilUY5i29UXOpTzen3oV+ig STHxwCGHsP8sPGb4NwjVsjafy6wAIHsAqT1PWVbUAOSeEyJORokpWqMybsEmmqXxFH AvHsLFFe+MMVNKRc4AtrLfYlwNKvLoY5Ods7/BNw=
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: TEXT/PLAIN; CHARSET=us-ascii
Received: from by (PMDF V6.1-1 #35243) id <>; Sat, 2 Mar 2019 08:59:55 -0800 (PST)
Message-id: <>
Date: Sat, 02 Mar 2019 08:55:52 -0800 (PST)
From: Ned Freed <>
In-reply-to: "Your message dated Sun, 03 Mar 2019 00:35:31 +0900" <20190302153532.86AEF200F83ABF@ary.local>
References: <> <20190302153532.86AEF200F83ABF@ary.local>
To: John Levine <>
Archived-At: <>
Subject: Re: [Extra] Is this a plausible IMAP extension ?
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Email mailstore and eXtensions To Revise or Amend <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 02 Mar 2019 17:05:17 -0000

> In article <> you write:
> >The question is what value, if any, does that add. As I see it the big problem
> >is that nothing prevents from signing a pointer to Google's logo.
> >Or a logo that looks very, very similar to Google's.
> >
> >Until and unless BIMI offers a solution to this problem, I'm afraid I see very
> >little value here.

> That's where we came in, the recipient MTA validates the logo, adds a
> header pointing to the validated logo, and adds a magic IMAP flag to
> say that it's done so.

How is this validation performed? If the answer is the DKIM signature check,
that doesn't address the issue at hand in any way I can see.

> I'm not saying that's a particularly good way to do it, but it's not
> like they haven't thought about it.  There's also the mess of how in
> the real world you determine whether the owner of a domain should be
> using any particular logo.

Precisely my point.


> PS: there's some urgency here since the big gorillas are showing
> sender logos now and not doing a wonderful job of it.