ietf-dkim

Re: [ietf-dkim] Are verifiers expected to query SSP on a successful verify?

2006-08-01 21:57:18
On Tue, 01 Aug 2006 15:05:07 -0700 Michael Thomas <mike(_at_)mtcc(_dot_)com> wrote:
Scott Kitterman wrote:

Yes.  I would also say that it is explicitly not a requirement that this be 
done without breaking some existing e-mail functionality.  I don't think 
it's doable otherwise.

I expect that this is a choice that would only be taken by a small 
minority of domains that are:

1.  Substantial phishing targets.

2.  Willing to accept the collateral damage.

I do think it is important to specify this type of approach.
 

I agree about the collateral damage part and it being acceptable for
some audiences but what I'd really like to do is phrase these in terms
of what the signer's practice/policy is instead of what the signer hopes
the receiver might do.

In particular, it seems that there are two different cases:

1) I sign all of the mail from this domain, and I don't expect that the
   places I send will suffer from transit damage
2) I sign all of my mail but I may send to places that may incur transit
   damage

I wonder how what the receiver would do would differ.

In either case as a receiver I would reject it at the border MTA and never 
let it into my network if the message was outside the scope of this kind of 
exclusive policy.

What I think the sender is trying to do is limit messages allegedly from their 
domain that receivers will accept.  I think the only difference between 
your two cases is the amount of collateral damage the sender is expecting.  
I see it as a difference of quantity, not kind.

I do agree that trying to phrase it in terms of what the sender is trying 
to achieve is a good idea.

Scott K
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
