[Top] [All Lists]

Re: [ietf-dkim] Collection of use cases for SSP requirements

2006-11-10 07:52:52
On Fri, 10 Nov 2006 03:15:55 -0000, Jim Fenton <fenton(_at_)cisco(_dot_)com> 

Very early on (during the WG chartering process), we got input from several people that laws in the EU prohibit an email service provider from honoring instructions from a purported sender to drop messages from others. From what I have been told, the [snail-mail] postal model is followed closely: the delivery agent has an obligation to deliver the message, even if it may be forged. I'm currently trying to get more specifics on whether this is spelled out somewhere, or is just an extrapolation of the delivery of "post". While this could probably be resolved by having those subject to these regulations just not implement message rejection, we didn't want the perception to be that DKIM violates laws in some jurisdictions.

It may very well be that this is OK if the recipient opts-in for this service, or something like that.

I would have thought so.

And I would have thought it extrememly bad practice for any ISP to be dropping any mail unless there is a specific opt-in, whether it would be unlawful to do otherwise, or not.

For example, my own provider offers a service to run Spamassassin, which I have gladly accepted. But I had to take positive action to turn it on (there is a form on their website for doing that alongside lots of other configuration options, including the Spamassassin level at which you want the cutoff, and whether you want it dropped in the bit bucket of just marked.

I am in the EU BTW, and have not heard of any problem with this sort of filtering, which is quite widespread AIUI. Indeed our Post Office has an obligation to deliver whatever is sent (even Craig Shergold could not avoid that), but certainly in the UK ISPs are not Common Carriers, just as they are not in N. America.

In any case, the notion of "Suspicious" was chosen to not be too specific, but cover the case where the verifier (for example) rejects messages which are suspicious.

Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131     Web:
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
NOTE WELL: This list operates according to

<Prev in Thread] Current Thread [Next in Thread>