There should be a generalized rule to not automatically
process
information from unknown sources. Processing includes
fetching images,
running scripts, validating digital signatures, and
verifying IP address
authorization (especially when this might require
hundreds of
transactions). Such a rule will not expose internal
handling and
minimizes risks associated with DDoS attacks.
Only when a _trusted_ source has been verified, should
the message be
annotated. A recipient's address book could be one
method of
determining a trusted domain where out-of-band
verification techniques
can be employed.
I certainly agree that a major part of the solution is to
not process dangerous E-mail arriving from
unfamiliar/untrusted senders.
That said, we need to provide a default rule which allows
receiving "safe" mail from new, first-time senders
(long-lost friends, Customer Service requests from
customers, etc), subject to SpamAssassin-like
determination that it doesn't "look like" spam.
As for DKIM, I don't have strong opinions one way or the
other at this point, but continue to remind folks that
sometimes people send legitimate E-mail messages from
inhabitual locations. This could be a cruise ship
Internet cafe, an Internet E-mail sending room in a post
office in Beijing, or a "business center" in a hotel. I
think it's far more important WHAT IS IN the E-mail than
where it "came" from.
Gordon Peterson
http://personal.terabites.com
1977-2007 Thirty year anniversary of local area
networking
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg