dkim-ops
[Top] [All Lists]

Re: [dkim-ops] subdomain vs. cousin domain (when deploying"discardable")

2010-09-09 16:44:41
  On 9/9/10 1:04 PM, McDowell, Brett wrote:
But, before we dismiss the problem you raised... .gov domains*are*  highly 
phished and they share this TLD problem with .edu.  That said, how many 
.gov-ers need to (or are allowed to) participate in public mail lists.

Ugh!  We simply have to fix the root cause of MLM's breaking DKIM signatures.
Disagree.  This would then mean MLM messages become visually similar to 
messages from individuals. This type of change won't happen overnight, 
or perhaps even within the same decade.  Many lists don't authenticate 
the source of each message being distributed.  Until there is universal 
adoption of A-R header and DKIM, it remains beneficial for these 
messages to be visually different when issued by a mailing-list.  Some 
MUAs have extensions able to display various header fields, like 
List-ID.  It would be helpful if MUAs had a display option for this 
header field.

On the other hand, the TPA-Label concept is premised upon third-party 
sources being recognized by senders.  As the diversity of sources 
increase, identifying good rather than bad becomes a more productive 
strategy.  For this scheme to function, the sender will need to 
reference a third-party list that meets their requirements, or generate 
their own.

By placing the DKIM signature within a subdomain, the TPA-Label can also 
indicate to recipients how _any_ authorized message with From header 
fields containing an address from their domain is to be authenticated.  
This scheme should help email transition gracefully to stronger 
methods.  This scheme should also allow phished domains the ability to 
use a single domain for all of their email, including messages from 
unmodified mailing-lists, while also offering the strongest protection 
available from each source.

-Doug

_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops

<Prev in Thread] Current Thread [Next in Thread>