I agree with Dave but I would phrase it differently.
Without DKIM we are forced to use heuristic systems are forced to work at the granularity of the individual message.
* There are billions of messages.
* This is very hard and it is impossible for receivers to reliably share information except for IP blacklists
With DKIM there is still a need for a heuristic component but this can be at
the granularity of the domain and it is possible to share information between
receivers. Reputation services can mediate this exchange and provide data
quality assurance.
It is possible to build an email filtering system that relies almost
exclusively on DKIM. For example DKIM plus using the recipient's address book.
From: Dave Crocker
Sent: Fri 14/10/2005 11:40 AM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: [ietf-dkim] what DKIM is for
This disagreement about multiple signatures cuts to the heart of what
DKIM is for. If, as Mike Thomas seemed to be saying, the most we can
get from DKIM is another factor to toss into the spamassassin hopper,
we're wasting our time.
Folks,
It seems pretty clear to me that the primary use of DKIM will by in a
receive-side filtering, like spamassassin. That said, the nature of the
information provided is vastly different than most of what such filters use.
Most such information is heuristic in nature. DKIM isn't. It is
objective, precise and reliable.
So the manner in which a filter might use it is fundamentally different
than most of the "I think this is relevant information" style of
analysis done by filters.
The "heuristic" aspect of using DKIM information comes in assessing the
identity, not determining it. Reputation and accreditation mechanisms
require some leeway. Today, even determining the identity is
problematic. DKIM fixes tat.
d/
_______________________________________________
ietf-dkim mailing list
http://dkim.org
_______________________________________________
ietf-dkim mailing list
http://dkim.org