From: "Mark Delany"
And are we talking about Mailing Lists today, or Mailing Lists in five
years time after DKIM slowly ramps up? A Mailing List of the future
mail well be verifying incoming mail and make decisions about
re-broadcasting based on "I sign all"?
Very good point.
For me, it is almost a no-brainer of what we will need to add our mailing
list server on the onset. To reduce all kinds of issues from support,
survivability questions, including reduce liability, these two features
will help:
1) Check for restrictive policies during subscription process, accept
only non-DKIM domains or those that might allow 3rd party signing
depending if the MLS signing option is enabled.
2) Offer new options to avoid mail integrity changes (adding Header and
Footers) based on DKIM messages.
The last one is very tough because most people are going to want to add
footers, so that pretty much dictates one or more two things:
- The domain allows 3rd party signing, and/or even possibly
- The domain allows stripping of the original.
Stripping I believe violates DKIM-BASE so that's something that should be
reconsidered. Stripping fits well with a policy such as:
OP=optional;3P=optional; Both Party may sign
But if the MLS is intent in signing the mail, it will be difficult for MLS
to support:
OP=NEVER; 3P=NEVER; No signing expected
OP=ALWAYS; 3P=NEVER; 1st party only always signs mail
OP=OPTIONAL; 3P=NEVER; 1st party may sign mail
So the domain itself has to be aware of what it doing with its DKIM mail.
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html