ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Review of draft-fenton-dkim-threats-01

2005-10-29 20:02:33
Yes, and if there were a proposal for standardizing something that
depended on solving World Hunger first, I would be skeptical of
that too.

Since the people I know involved with DKIM expect it to be plenty useful
without third party reputation services, I'm not sure what your point is.

Mail servers all have a homebrewed idea of reputations.  You can't run a
server these days without it.  Merely having a way to identify mail sent
from domains in a local whitelist or blacklist will let that mail bypass
slow and inaccurate heuristic spam filters, without any reference to an
external reputation service.

Would it be nice to have third party reputation services?  Sure.  But
having been trying to get people think about them in the ASRG for the past
two years, I can report that we have a few rather incompatible
experiments, none have gotten significant traction, and we don't even have
any agreement yet on what the semantics of a reputation query or answer
would be.  This is research, not standards work.

Demanding reputation systems for DKIM is approximately like saying that
SMTP depends on solving the problem of getting mail into users' mailboxes.
Every SMTP server has to have a way to get the mail into the mailboxes,
but we've been getting by without a standard way to do it for 25 years and
SMTP seems to be usable anyway.

Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet 
for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor
"I dropped the toothpaste", said Tom, crestfallenly.
_______________________________________________
ietf-dkim mailing list
http://dkim.org

<Prev in Thread] Current Thread [Next in Thread>