In
<20060731150944(_dot_)11804(_dot_)qmail(_at_)snake(_dot_)corp(_dot_)yahoo(_dot_)com>
Mark Delany <MarkD+dkim(_at_)yahoo-inc(_dot_)com> writes:
On Mon, Jul 31, 2006 at 09:59:19AM -0400, Bill(_dot_)Oxley(_at_)cox(_dot_)com
allegedly wrote:
The statement that I sign only my own mail makes perfect sense.
If I have a message with your valid 3rd party signature, meaning that
you've published the key, and your SSP says you sign only your own mail,
You believe both and apply a receiver policy determined by yourself that
will handle a message with an anomaly,
I'm with John on this. I don't see any merit in constructing a system
that allows anomalies soley for the purpose of giving a receiver less
certainty and more work to do.
+1
This is much like the reason I don't like stuff in the rDNS that
indicates that "this machine should never send email". If you want
that policy, do port 25 blocking. Don't make the rest of the world
try to figure out whether you screwed up on your security or you
screwed up on you published policy. And, have to do that all after
receiving the traffic.
-wayne
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html