J.D. Falk wrote:
On Sep 2, 2010, at 11:54 AM, Hector Santos wrote:
I think the issue is that we don't know what the assessors do
Some of us have a pretty good idea. The people who design reputation
systems don't do so in a vacuum; they're constantly reacting
to spammers' latest tricks. If massive unauthorized
replaying of unmodified DKIM-signed messages ever becomes a real
issue, they'll adjust accordingly.
Of course. But what do you (I guess one system speaking for the
myriad of assessors) want DKIM mail breaking resigners to do?
A) Strip Signature
B) Keep Invalid Signatures
How do MLM developers help you guys do a better job? How do we warm
you up with reduced false positives? Give us a purpose, a reason to
do this stuff, and do so correctly?
Hector Santos, CTO
NOTE WELL: This list operates according to