SM wrote:
At 09:08 18-08-2005, Scott Kitterman wrote:
It isn't entirely clear to me exactly where DKIM wants to live in this
chain. Is it a tool for the SMTP server to reject messages from SMTP
clients that are doing something unauthorized? Is it a tool for
post-acceptance filtering and routing in the MDA? Is it a tool meant
to give MUAs information to display to end users?
There has been a lot of discussion about rejection. Up to now, we have
"rules" and RBLs to reject "bad" messages. Mail filtering also has a
negative impact on mail delivery. DKIM also provides the building block
for whitelisting mail. It can also be abused as we have seen in the
discussion about replay attacks.
The better capabilities we have to reject messages during the SMTP
session, the less filtering will be required. In my opinion, rejection
is much better than filtering.
Rejection saves resources for the receiver. Rejection gives the sender
near immediate feedback on the fate of the message.
Filtering dooms messages to an uncertain fate.
The more messages we can get rid of by rejection, the more reliable we
make the mail system.
Whitelisting is important too, but unless a receiver intends to limit
their correspondence to known senders, it is only a small part of the
solution
Scott Kitterman
_______________________________________________
ietf-dkim mailing list
http://dkim.org