Michael Thomas wrote:
Can somebody explain to me what an "irregular" mailing list is?
Same here.
Long and short, my feeling is: SSP publish what it actually does; describe
the mechanism for looking up anything based on a rfc2822 address, and
just give some non-normative guidance about which addresses might be
interesting. Note also: phrasing things this way avoids the tar pit of
claims that we're "solving phishing", etc.
I agree. I think. :-)
To me, SSP has always been just exposing what the ORIGINAL DOMAIN OWNER
is saying about its DKIM signed or not mail.
Al thought the natural tendency is to use this information as part of,
what I tend to believe, is a strong deterrent to directly domain
exploitations, how a receiver reacts has always been a local policy
decision.
As a vendor, I can't force these decisions to the admin. I have to give
him the options. However, I have to also decide is what are the
defaults and also provide "guidelines" to the admin in how to use it.
I agree with you the 3rd party issue has been a contested one. I
thought it was addressable via SSP.
However, some feel it is too much and I don't mind saying it also seems
soon feel "threaten" by having 3rd party restrictions.
In the end of the day, in my view, the first segment of the population
that we must address is the first party people. I think DKIM/SSP does
that very nicely. As long as SSP allows the 1st party to declare strong
and exclusive policies, I strongly believe we have a major winner.
The relaxed conditions, however, which we are still trying to address,
will always introduce all kind of problems and issues. Just like it
does today with the relaxed provisions in SMTP.
Anyway, my two pennies.
---
HLS
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html