dkim-dev

Re: [dkim-dev] dkim and email list software - adsp

2009-09-30 03:50:18
On Wednesday 30 September 2009 15:21:12 Jim Fenton wrote:
I'm really hoping that receiving domains don't overreact to ADSP 'all'
assertions

going off what you said http://mipassoc.org/pipermail/ietf-dkim/2009q3/012515.html
you're hoping everyone is on the same page.

; there is a very large difference between publication of an
'all' record and a 'discardable' record.
at least discardable is clear even if it is hard to deploy on human email 
populated domains.

Domains publishing 'all'...
Verifying/assessing receivers should understand that signatures do get
broken, so they might want to scrutinize messages that are received
without a valid author domain signature more carefully when an 'all'
practice is published

One way they might do this is to add a positive
bias to the spam score calculated by SpamAssassin and similar content
filters.

So a broken cryptographic signature with a dkim=all policy assertion comes 
down to a fuzzy filtering policy. And this needs to apply to all received mail 
and not just email lists (after all what's a semi-reliable signature of an 
email address that won't be abused the second you define it).

is this that can be done?

This might be counteracted by the presence of a DKIM signature
from a trusted domain, such as the venerable mipassoc.org.

ok - so similar to what I was talking about with verification. Receivers need to 
maintain a trusted third party domain list so that ADSP=all senders can be 
received relying on third parties if their signature is broken.

better, but is a bit of a maintenance load.

The 'discardable' practice is intended only for transactional domains
and similar domains having very restricted usage patterns.
acknowledge. Though cannot be applied to existing domains that have staff 
emails and are a high phishing target.

A 'discardable' domain probably has no business using mailing lists; many
of their messages would/should not be delivered.
ack

I hadn't considered
the possibility of the mailing list manager software checking ADSP and
rejecting subscription requests if the subscriber domain publishes
'discardable', that might be an interesting idea although of course many
subscribers don't ever send anything to the lists anyway.
you could just as easily test on mailing list manager reception rather than 
subscription.

To summarize:

'all' and 'discardable' are NOT the same
Please interpret 'all' with the understanding that signatures do get
legitimately broken (don't overreact)
and apply some random filtering mechanism that cannot tell whether it is 
spoofed or not.

One other comment:  One of your earlier messages referred to a missing
signature as 'fails ADSP really badly'.  This implies that a present but
invalid signature is better than a missing signature.

Please don't think of it this way, 
I wasn't - I definitely was considering invalid the same as missing treatment 
wise.

-- 
Daniel Black
Infrastructure Administrator
CAcert
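
The receiver-side handling discussed in this message (a spam-score bias for 'all', offset by a valid signature from a trusted domain, discard only for 'discardable', an invalid signature treated like a missing one), as an added sketch that is not code from the thread or from any mail filter. The bias value, the trusted-signer set and all function names are assumptions; DKIM verification results are taken as input rather than computed.

```python
from dataclasses import dataclass

# Assumed values for illustration; the thread gives neither a number nor a list.
ALL_BIAS = 2.0                      # points added to the content-filter score
TRUSTED_SIGNERS = {"mipassoc.org"}  # third parties the receiver chooses to trust


@dataclass
class Sig:
    domain: str  # d= tag of a DKIM-Signature header
    valid: bool  # outcome of cryptographic verification


def parse_adsp(txt):
    """Return the practice from an ADSP TXT record such as 'dkim=all'.
    A missing record or an unrecognised value is treated as 'unknown'."""
    for tag in (txt or "").split(";"):
        name, _, value = tag.partition("=")
        if name.strip() == "dkim":
            value = value.strip().lower()
            return value if value in ("all", "discardable") else "unknown"
    return "unknown"


def assess(author_domain, adsp_txt, sigs):
    """Return (action, score_bias) for one message.
    author_domain is the domain of the From: address; sigs lists every
    DKIM signature found on the message with its verification result."""
    valid = {s.domain.lower() for s in sigs if s.valid}
    if author_domain.lower() in valid:
        return ("accept", 0.0)      # valid author domain signature
    # No valid author signature: missing and invalid are handled the same.
    practice = parse_adsp(adsp_txt)
    if practice == "discardable":
        return ("discard", 0.0)
    if practice == "all":
        if valid & TRUSTED_SIGNERS:
            return ("accept", 0.0)  # e.g. re-signed by a trusted list
        return ("score", ALL_BIAS)  # scrutinise, do not reject outright
    return ("accept", 0.0)          # 'unknown': ADSP says nothing
```
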
