ietf-dkim
[Top] [All Lists]

Re: Unequal treatment RE: Additional lookups (was Re: [ietf-dkim] Re: 1368 straw-poll)

2007-03-02 15:10:33
I have a major problem with your dictation of how our mail design should be. I simply don't agree with your philosophy and we are certainly not going to follow your suggestion, nor ALTER what we have because of your opinions which to me, don't haven't been making sense lately.

To me, IT IS ILLOGICAL to perform DKIM processing when there are extremely obvious, contemporary, exploitive, abusive, directly related ZERO FALSE POSITIVE CONDITIONS that can immediately invalidate it and kick it out and stop wasting people's time with the idea of its good or bad.

--
HLS

Hallam-Baker, Phillip wrote:
I would wordmith slightly as follows:

- UNVERIFIED leads to a query to SSP. The results of the SSP query along with the message leads to a value of CONSISTENT or INCONSISTENT which together with the message will be fed to the reputation service to produce a result of ACCEPT or REJECT.

I would also caution that we should avoid thinking in imperative terms. If you 
have a large email processing infrastructure you are going to be relying on 
multiple levels of spam control.

The first step in your spam control ladder is almost certainly going to be some 
form of lookup on the IP address to decide whether or not you will accept the 
inbound SMTP connection.

-----Original Message-----
From: Eliot Lear [mailto:lear(_at_)cisco(_dot_)com] Sent: Friday, March 02, 2007 4:01 PM
To: Hallam-Baker, Phillip
Cc: Scott Kitterman; ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: Unequal treatment RE: Additional lookups (was Re: [ietf-dkim] Re: 1368 straw-poll)

Phillip,

To summarize some of this discussion, the chain of events is this:

- The VERIFIED address perhaps along with the message is used as input to whatever reputation system there is. The reputation service will return a value of ACCEPT or REJECT for each message. - UNVERIFIED leads to a query to SSP. The results of the SSP query along with the message will be fed to the reputation service to produce a result of ACCEPT or REJECT.

It is out of scope for this working group to try and guess the special sauce in the reputation service, as I understand it. The only question this leads to is whether the unverified address is valuable without a valid DKIM signature, and YMMV, especially in the beginning (like now).

Eliot


_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html




_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html