Michael Thomas wrote:
I've actually implemented this feature from ssp-00 and it does not require
a SSP lookup if there's a valid first party signature. It's no different
than the normal operation.
The difference between doing an SSP process when there is signature
present, versus only doing one when there isn't is fundamental.
At base the former seems to move SSP from being a basic means of
checking for rogue mail, into recruiting the receive-side to be an agent
of the From-field domain owner, for enforcing potentially complex
operational rules.
Absent compelling demonstration of market need, why are we considering
something that, to my knowledge, has no experiential base for the scale
and complexity of the open Internet?
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html