I know people think I'm wrong, but I think it needs to be looked at a
different way. As a recipient, I don't want 'proof' that this message
came from Alessandro, I want 'proof' that it came from the
ietf-822(_at_)ietf(_dot_)org mailing list.
I think you're right.
I concur as well.
I've said for years that lists should sign
their mail with their own DKIM keys, and recipients should look at
those list signatures to filter the mail.
I'm not even sure that's necessary, but of course it can't hurt. Indeed, right
now, with the exception of IETF lists, having a signature makes the odds it's
spam more, not less, likely.
None of the theories about why you would care about preserving
incoming signatures have ever impressed me as having any relationship
at all to the ways people actually use mailing lists. It's either a
vague "more secure", or a passive aggressive list manager who is
skilled enough to jump through hoops to preserve the signatures but
too much of a doofus to keep junk out of the list.
Nicely put and I agree.
Ned
_______________________________________________
ietf-822 mailing list
ietf-822(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-822