Perhaps we should work backwards, what are the mechanisms for DKIM
compliant mailing lists?
If a signed message arrives and SSP says 3rd party allowed, evaluate
resign send
If evaluate fails bounce without propagation
If no sig and policy says "I sign all" bounce message
If SSP states "I only sign" forward without adding list signature or
bounce message
Myriad other possibilities
Bill Oxley
Messaging Engineer
Cox Communications, Inc.
Alpharetta GA
404-847-6397
bill(_dot_)oxley(_at_)cox(_dot_)com
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Mark Delany
Sent: Saturday, August 05, 2006 12:47 AM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] A more fundamental SSP axiom
On Sat, Aug 05, 2006 at 01:41:39AM -0000, John Levine allegedly wrote:
So if I set a policy of "I sign all", and a mailing list mangles
it, what exactly is the mailing list receiving the bounce going to
do? Blackhole it? Bounce the user off the list? Anything useful
whatsoever?
That's a matter between the "I sign all" and the list. I would say
that if it hurts, don't do it.
No, the sensible user will accept all the mail from the list. With
Well maybe, but that's not the intent of my style of "I sign all".
If "I sign all" I would much rather no one accept a mail purportedly
from me that doesn't verify. Why would an "I sign all" domain want
mail accepted that can't be proved to be from them?
But them I'm missing this whole "list" issue. It seems to me to be
largely a red-herring because the size of the intersection of "I sign
all" traffic and DKIM-unaware Lists is pure speculation at this stage.
Mark.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html