OK, this algorithm includes reputation since it's part of the decision process.
ReputationOne is a cheap lightweight reputation service that is used for
prefiltering, ReputationTwo is a more detailed one you would call only after
you knew it was worth bothering. If you don't have either source of reputation
then you set ReputationCut = 0 so that everything passes.

Inputs
    Message
        List (Signature) : Signatures
        Sender PurportedSender
        Content
    ReputationPre (Sender)
    ReputationPost (Sender)
    Policy (Sender)

Outputs
    SET {authentic, junk, compliant, notcompliant} : Outcome
    Reputation: Reputation
    SET OF Algorithm: Acceptable

ControlVariables
    Reputation: ReputationCut1, ReputationCut2

SEQUENCE
    Reputation = ReputationPre (Message.PurportedSender)

    // If the sender has a bad reputation then don't even bother to do
    // anything else.
    IF (Reputation < ReputationCut1)
        Outcome = junk
        RETURN

    BOOL Signed = FALSE
    FOR EACH signature sig IN Message.Signatures
        CASE Verify (sig, Message)
            PASS
                IF sig.Algorithm IN Acceptable
                    Reputation = MAX (Reputation, ReputationPost (sig.signer))
                    IF sig.signer = Message.PurportedSender
                        Signed = TRUE
                ELSE
                    // Do nothing
            FAIL
                // counts as no signature
            UNKNOWN
                // counts as no signature

    // Look to see if we have enough to stop processing here
    IF ((Signed) OR (Reputation >= ReputationCut2))
        Outcome = authentic
        RETURN

    // Only if we have got this far do we do policy processing
    Policy = Policy (Message.PurportedSender)

    // OK here is my version of policy
    Outcome = compliant
    FOR EACH Entry e in Policy
        BOOL met = FALSE
        FOR EACH signature sig IN Message.Signatures
            met = met OR Compliant (e, sig)
        IF (NOT met)
            Outcome = notcompliant

I will try to clean this up somewhat but my policy processing is pretty
straightforward. Compliant simply looks to see if the selector on the sig
matches the selector specified in policy.
The alternative (incorrect) code would be:

    Outcome = notcompliant
    FOR EACH signature sig IN Message.Signatures
        IF Compliant (e, sig)
            Outcome = compliant

I will try to send some worked examples and a differential use case analysis.
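
The two policy loops from the message above, side by side, as an added example that is not part of the original post. The class names, the selector strings and the sample messages are constructed for illustration, and the alternative loop is assumed to run inside a loop over policy entries, since it refers to an entry e.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Signature:          # hypothetical stand-in for a signature that passed Verify
    signer: str
    selector: str

@dataclass(frozen=True)
class PolicyEntry:        # hypothetical: one selector the sender's policy requires
    selector: str

def compliant(entry, sig):
    # As described in the post: compare the signature's selector with the policy's.
    return sig.selector == entry.selector

def policy_outcome(policy, signatures):
    # The post's version: every policy entry must be met by some signature.
    outcome = "compliant"
    for entry in policy:
        met = False
        for sig in signatures:
            met = met or compliant(entry, sig)
        if not met:
            outcome = "notcompliant"
    return outcome

def policy_outcome_alternative(policy, signatures):
    # The alternative the post calls incorrect, read here (assumption) as running
    # inside a loop over policy entries: any single match yields compliant.
    outcome = "notcompliant"
    for entry in policy:
        for sig in signatures:
            if compliant(entry, sig):
                outcome = "compliant"
    return outcome

# Constructed sample data: a policy requiring two selectors, and three messages.
POLICY = [PolicyEntry("sel-a"), PolicyEntry("sel-b")]
BOTH = [Signature("example.com", "sel-a"), Signature("example.com", "sel-b")]
ONLY_A = [Signature("example.com", "sel-a")]
UNSIGNED = []

def compare(policy, signatures):
    # Returns (post's outcome, alternative's outcome) for one message.
    return policy_outcome(policy, signatures), policy_outcome_alternative(policy, signatures)

if __name__ == "__main__":
    for name, sigs in [("both", BOTH), ("only sel-a", ONLY_A), ("unsigned", UNSIGNED)]:
        print(name, compare(POLICY, sigs))
```

The two loops disagree on a message that carries only one of the signatures the policy requires, and on an empty policy.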