ietf-dkim

RE: [ietf-dkim] user level ssp

2006-09-07 07:58:35
Hallam-Baker, Phillip wrote:
What is the difference on the recipient side between 'I sign no mail'
and 'I sign some mail'?

Well, in terms of receiving and validating email, then such a policy
would mean that if signed mail is received AND the domain is marked as
trusted then no spam filtering is required for that email.  Messages
without signatures can still be accepted, after traditional spam
filtering.

Whereas, "I sign no mail" means that it ALL has to go through a traditional
spam filter.  One could make an argument that such a policy would mean
that any SIGNED mail from this domain can be immediately dropped as
invalid.  In fact, one could even argue that this is the only reason
to have such a policy, as it is the only way it could be different
from a nonexistent policy.

And "I sign all mail" means that unsigned mail can be instantly dropped.
This, from a verification point of view, is the ideal situation, and
somewhere down the road, this will essentially be the only policy.

So there is a subtle difference at verification time.  But I fully
agree that I don't expect anyone to use the half-and-half policy,
because it fails to protect the domain or its reputation.  From the
point of view of a mail forger, there really is no difference; this
domain is still just as ripe for the picking.

          tom
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
