I would wordmith slightly as follows:
- UNVERIFIED leads to a query to SSP. The results of the
SSP query along with the message leads to a value of
CONSISTENT or INCONSISTENT which together with the message
will be fed to the reputation service to produce a result
of ACCEPT or REJECT.
I would also caution that we should avoid thinking in imperative terms. If you
have a large email processing infrastructure you are going to be relying on
multiple levels of spam control.
The first step in your spam control ladder is almost certainly going to be some
form of lookup on the IP address to decide whether or not you will accept the
inbound SMTP connection.
-----Original Message-----
From: Eliot Lear [mailto:lear(_at_)cisco(_dot_)com]
Sent: Friday, March 02, 2007 4:01 PM
To: Hallam-Baker, Phillip
Cc: Scott Kitterman; ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: Unequal treatment RE: Additional lookups (was
Re: [ietf-dkim] Re: 1368 straw-poll)
Phillip,
To summarize some of this discussion, the chain of events is this:
- The VERIFIED address perhaps along with the message is
used as input to whatever reputation system there is. The
reputation service will return a value of ACCEPT or REJECT
for each message.
- UNVERIFIED leads to a query to SSP. The results of the
SSP query along with the message will be fed to the
reputation service to produce a result of ACCEPT or REJECT.
It is out of scope for this working group to try and guess
the special sauce in the reputation service, as I understand
it. The only question this leads to is whether the
unverified address is valuable without a valid DKIM
signature, and YMMV, especially in the beginning (like now).
Eliot
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html