ietf-asrg
[Top] [All Lists]

Re: [Asrg] Third party DKIM signatures

2006-06-01 21:07:53
What do you mean "Manual confirmation doesn't scale"? Unless you are  
one of those people that like to collect domains and enjoys mixing  
the sender domains and the From domains, the number of addresses that  
an individual would need to confirm would be quite limited.

I fear that we're suffering a major failure of imagination here.  I
know people who use thousands of e-mail addresses with various
permuations of date, correspondent, and type of mail.

I said earlier that the ISP could quarantine outgoing mail until the  
confirmation succeeded. Even better would be to reject the mail in  
the smtp transaction from the user to the ISP with a comment that a  
confirmation email has been sent to the From address.

What a complete waste of effort.  If I were an ISP using DKIM, I would
be sure there was a header in my outgoing mail with enough info to
identify the customer (opaque token is fine), and include it in the
signature.  Then if a recipient objects, I know who the guilty party
is regardless of what address he used.

R's,
John


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg