On Jul 31, 2006, at 7:15 PM, John L wrote:
As long as we all remember that bad actors can get a domain, populate
dkim keys and ssp then send spam until they are noticed and shutdown.
I hope we all understand that if SSP is useful at all, it's only
about authentication, not reputation.
Policy will be by the receiver that a message that fails dkim/ssp is
flagged for a closer examination than a message that passes both dkim
and ssp but all mail will continue to be scrutinized.
In the forseeable future, the main use of DKIM is likely to be more
reliable whitelisting of people you already know you like.
And to provide (opt-in) feedback loops to some subset of bulk senders.
In volume terms these two are going to hugely dominate that subset
of email which is validly signed and to which the recipient pays much
attention to that signature, for the near future at least.
Cheers,
Steve
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html