Charles Lindsey wrote:
If you go to the message that Pat Peterson wrote that started this
thread, that is exactly what some domains would like to do. They
consider SSP to be helpful to counter phishing [Please, let's not
re-open that question; it has been discussed to death] even if it is
ineffective with look-alike domains and such. The requirement for the
recipient to opt-in to have unsigned messages from their domains removed
diminishes that perceived benefit greatly.
On Fri, 10 Nov 2006 03:15:55 -0000, Jim Fenton <fenton(_at_)cisco(_dot_)com>
Very early on (during the WG chartering process), we got input from
several people that laws in the EU prohibit an email service provider
from honoring instructions from a purported sender to drop messages
from others. From what I have been told, the [snail-mail] postal
model is followed closely: the delivery agent has an obligation to
deliver the message, even if it may be forged. I'm currently trying
to get more specifics on whether this is spelled out somewhere, or is
just an extrapolation of the delivery of "post". While this could
probably be resolved by having those subject to these regulations
just not implement message rejection, we didn't want the perception
to be that DKIM violates laws in some jurisdictions.
It may very well be that this is OK if the recipient opts-in for this
service, or something like that.
I would have thought so.
And I would have thought it extrememly bad practice for any ISP to be
dropping any mail unless there is a specific opt-in, whether it would
be unlawful to do otherwise, or not.
NOTE WELL: This list operates according to