On Jan 23, 2006, at 12:14 PM, Miles libbey wrote:
This is very interesting. For our antispam system I'd like to be
able to distinguish between mailing list traffic and person to
person traffic, since they largely have very different
characteristics.
It is possible direct person to person traffic and list-server
traffic use the same signing domain. The proposal for the 'w=?'
parameter is to identity three roles. The MSA, mediator, and MDA.
The MDA is intended to provide a non-deliverable signature, used in
much the same way as a non-routable IP address for local networks.
When the signature includes a meditator designation, rules regarding
the use of headers can be so tailored.
In this sense, to me, 'do the right thing' would be to re-sign the
message -- we've been able to use Yahoo! Groups (re)signing as a
feature.
Agreed, but the domain itself may not be a clear indication that the
role of the MTA is a mediator and there are more mediators than just
list-servers. This would be more important when DKIM is attempting
to identify the source of originating email (MSA), and ensure it is
not confused with mediators such as list-servers, where it could be
seen otherwise as a spoof attempt.
I'm sure that others could easily argue that doing the right thing
is to leave the message in a way that encourage the final receiving
system to check the initial signature, so they could apply rules
based on the original author.
The concern there would be whether an anti-replay strategy develops
that attempts to hold the receiving domain accountable for replay. I
can not imagine how one could use DKIM to safely hold the email-
address accountable. The replay abuse could just as easily occur
from the recipient. As a general rule, accountability should be
focused on the domain as a practical and manageable level of
resolution. There is virtually zero cost associated with adding
additional email-addresses, so what would a email-address reputation
be worth?
-Doug
_______________________________________________
ietf-dkim mailing list
http://dkim.org