"Scenario B is technically possible but makes no sense. If you have the
ability to sign mail, why wouldn't you sign your own?"
because this is a special purpose domain simply to manage 3rd party
signage, the domain itself will not send any mail. Saying I only sign
3rd party would allow people to regard any purported mail from that
domain with a large degree of suspicion
thanks,
What am I missing here?Bill Oxley
Messaging Engineer
Cox Communications, Inc.
Alpharetta GA
404-847-6397
bill(_dot_)oxley(_at_)cox(_dot_)com
-----Original Message-----
From: John L [mailto:johnl(_at_)iecc(_dot_)com]
Sent: Friday, July 28, 2006 11:55 AM
To: Oxley, Bill (CCI-Atlanta)
Cc: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: 3rd party signing
It may well be true that you only sign third party mail, but I still
don't understand what use a recipient might make of that information.
If they get unwanted mail from someone and you've signed it, they'll
complain to you regardless.
A recipient will then have a valid party to complain to which is
better
than blocking a domain that has been spoofed.
I still don't understand the scenario. Let's call the domain isp.com.
Is it:
A) No mail has an isp.com From: address, but mail with other From:
addresses may have an isp.com signature.
B) Mail goes out with From: addresses at isp.com, but none of it is
signed. Mail with other From: addresses may have an isp.com signature.
C) something else.
Scenario A is "we send no mail," with the possibility of third party
signatures on other mail being irrelevant. Like I said, if you sign it,
you'll get the complaints no matter what your SSP says.
Scenario B is technically possible but makes no sense. If you have the
ability to sign mail, why wouldn't you sign your own?
What am I missing here?
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html