On Sep 13, 2010, at 2:38 PM, Murray S. Kucherawy wrote:
I don't have specific data, but since ADSP is so controversial and no
third-party authorization mechanism has been endorsed so far, my guess would
be that there are only two possibilities: ESPs are signing using their own
domains to sign, or ESPs have customer key space delegated to them one way or
another. I don't have hard data about which is more prevalent, but we're
definitely seeing both in the stats reports I'm getting now.
I don't have specific data either, unfortunately, but I've talked with
co-workers who work closely with ESPs. They say the former scenario where ESPs
sign with their own domains is still more common, because in general ESPs are
more authentication-savvy than their clients tend to be. However, a few ESPs
do support the latter scenario of customers delegating keys, and more have
talked about doing it as soon as their clients are ready.
The ESP domain wasn't chosen because anyone thinks it's a better practice,
however. It's because otherwise, they'd be sending unauthenticated mail -- and
many in the ESP world fear disastrous deliverability consequences if they
aren't fully buzzword-compliant.
(Note that this is "ESP" defined as a company who sends bulk, often commercial
email on behalf of other companies, not the older, more general sense of any
entity who provides any service related to email.)
_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops