Replay protection allows automated reputation management, since it
provides a signed proof of misconduct.
Oh, look, now we're back full circle. Please explain how your reply
protector can tell the difference between an evil replay and a normal
standard garden variety mailing list, short of some giant whitelist of
every mailing list forcing every piece of dusty mailing list software to
upgrade, or using the same heuristics we use now (which, of course, don't
need a DKIM replay detector to work.)
You're also making the assumption that spammers will blast out many
identical messages with the same signature. They stopped doing that in
about 1999, and nobody's suggested what would make them resume doing so.
It's far more likely that they'll keep doing what they're doing now,
sending out messages that are all different, or at most sending to a
handful of recipients before changing the message. Replay protection,
even if it's possible, is of no help.
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet
for Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Mayor
"I dropped the toothpaste", said Tom, crestfallenly.
_______________________________________________
ietf-dkim mailing list
ietf-dkim(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/ietf-dkim