For the companies spending seven to eight figure sums as a result of phishing
the rule 'no mailing list subscriptions from a corporate account' is probably
both viable and desirable.
I am not saying that we should only design the spec for that constituency, but
they are the constituency I would target for early adoption of strong
descriptive policy statements.
-----Original Message-----
From: Bill(_dot_)Oxley(_at_)cox(_dot_)com
[mailto:Bill(_dot_)Oxley(_at_)cox(_dot_)com]
Sent: Monday, August 07, 2006 1:30 PM
To: deepvoice(_at_)gmail(_dot_)com; Hallam-Baker, Phillip
Cc: ietf-dkim(_at_)mipassoc(_dot_)org; dcrocker(_at_)bbiw(_dot_)net
Subject: RE: [ietf-dkim] How to reconcile passive vs active?
Damon
"Can we figure something else out that doesn't require me (or
my 200k+) users to have to remember two separate addresses,
the cases to use each, and remember what the second one is
the first time they have to use it in 5 years?"
as a sysadmin, lock out pop access and make them use web enabled mail
thanks,
Bill Oxley
Messaging Engineer
Cox Communications, Inc.
Alpharetta GA
404-847-6397
bill(_dot_)oxley(_at_)cox(_dot_)com
-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Damon
Sent: Monday, August 07, 2006 1:11 PM
To: Hallam-Baker, Phillip
Cc: ietf-dkim(_at_)mipassoc(_dot_)org; dcrocker(_at_)bbiw(_dot_)net
Subject: Re: [ietf-dkim] How to reconcile passive vs active?
1) Signature Validates:
2) Signature fails to validate because the originator screwed up
3) Signature fails to validate because the sender screwed up
4) Signature fails to validate because of an intermediary acting for
the recipient (mailing list, forwarder, etc.).
The first case is success, the second and third cases are self
healling.
Its only the fourth case that leads to an issue and it is easy for
Cisco to fix. They simply issue a separate email address for
receiving mail from mailing lists. Many of them seem to do
this already. I note that Michael is one of them.
Speaking as a real live, currently employed, sysadmin
(numbers bigger than all the scientists in the entire world
put together --- just kidding with you Phillip)... "Yikes!"
Do I need a separate email for when I am living out of a suitcase for
6 months at Holiday Inn too? (I know I can use the same one
as my mailing list address) Now the guy I emailed is using
that address in his address book. Note to self, email him and
get him to change it.
Can we figure something else out that doesn't require me (or
my 200k+) users to have to remember two separate addresses,
the cases to use each, and remember what the second one is
the first time they have to use it in 5 years?
Regards,
Damon Sauer
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html