As long as we all remember that bad actors can get a domain, populate
dkim keys and ssp then send spam until they are noticed and shutdown.
I hope we all understand that if SSP is useful at all, it's only about
authentication, not reputation.
Policy will be by the receiver that a message that fails dkim/ssp is
flagged for a closer examination than a message that passes both dkim
and ssp but all mail will continue to be scrutinized.
In the forseeable future, the main use of DKIM is likely to be more
reliable whitelisting of people you already know you like.
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet for
Dummies",
Information Superhighwayman wanna-be, http://johnlevine.com, Mayor
"I dropped the toothpaste", said Tom, crestfallenly.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html