dkim-ops
[Top] [All Lists]

Re: [dkim-ops] hammering with a soldering iron, was subdomain vs. cousin domain

2010-09-13 14:22:05
-----Original Message-----
From: MH Michael Hammer (5304) [mailto:MHammer(_at_)ag(_dot_)com]
Sent: Monday, September 13, 2010 12:06 PM
To: Murray S. Kucherawy; dkim-ops(_at_)mipassoc(_dot_)org
Subject: RE: [dkim-ops] hammering with a soldering iron, was subdomain vs. 
cousin domain

I think your last comment is perhaps the most interesting one. As John
Levine frequently reminds us as he invokes King Canute, we cannot tell
receivers what to do. I don't know if this association exists, but if
receivers find an association between failed signatures and malicious
email I can just about guarantee you that they will take advantage of
that data point..... Regardless of what the standard says. Bottom line,
a failed signature will be treated in accordance with those things that
a failed signature is perceived to be associated with.

Naturally that's true, but I think until there's evidence that a negative 
validation should mean something, I'm inclined to believe the RFC's advice is 
right.  That's based on the notion that there are lots of reasons a signature 
validation can go awry, and they're often not the fault of either of the 
endpoints, so arbitrary interruption of the flow of mail seems to be something 
to avoid.

_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops

<Prev in Thread] Current Thread [Next in Thread>