--On 13 October 2009 09:32:20 -0700 "Murray S. Kucherawy"
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-
bounces(_at_)mipassoc(_dot_)org] On Behalf Of John R. Levine
Sent: Monday, October 12, 2009 7:24 PM
To: Daniel Black
Subject: Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the
I can assure you that Paypal and eBay are quite aware of DKIM and ADSP,
and I have personally heard them encourage ISPs to drop unsigned mail
purporting to be from them due to the amount of forgery. Nonetheless,
they don't publish ADSP. This tells me that I'm not the only one who
thinks that there isn't a business case for ADSP.
Another data point: Google Mail won't use ADSP because they will not
discard someone's mail outright without a written agreement from the
sending domain agreeing to same, absolving them of responsibility for
mail that never arrives.
You mean that they won't publish ADSP records? Or that they won't respect
any ADSP records? Or that they won't discard "discardable" messages?
Logically, none of these things follow. Publishing ADSP records doesn't
mean that Google will discard anything, though it does grant permission for
others to do so. They have lots of other things that they can do as a
result of ADSP fails. Presumably, they'd be more aggressive with
quarantining mail if there's an ADSP record that renders a specific email
discardable. Heck, they could even argue that publication of
"dkim=discardable" does absolve them.
IT Services, University of Sussex
For new support requests, see http://www.sussex.ac.uk/its/help/
NOTE WELL: This list operates according to