ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Re: DKIM Interoperability Event notes

2007-11-08 17:58:14
from [Hector Santos] [Permanent Link] 
Hi Frank,
Well SOFTFAIL has similar implementation issues. But I was specifically talking the similar t=y "I am in testing mode, so IGNORE any possible failure" mechanism for DKIM/SSP.
Our implementation ignored its in SPF, and if we implement DKIM/SSP, it will be ignore there too.
The DKIM/SSPEC authors seem to take these real world concerns very lightly, especially if you not within the "inner circle." So I will just watch with optimism that sound engineering will eventually prevail. It usually does. If not, well, DKIM is not the first worthless protocol "thrown into the waste basket with full force." :-) 

--
HLS

Frank Ellermann wrote:

Hector Santos wrote:
based on SPF experience, since day one I have outlined on numerous occassions how this is being ignored by some SPF implementation 

If you're talking about SOFTFAIL I wonder what "ignored by
some SPF implementation" means, does the code return FAIL
or NEUTRAL instead of SOFTFAIL ?  Or are you talking about
receivers interpreting SOFTFAIL like FAIL or NEUTRAL ? 
RFC 4408 recommends a kind of "greylisting" for a SOFTFAIL,
or flagging / scoring the mail as suspicious.  If some SPF
implementation "ignores" SOFTFAIL by returning a different
result like NONE, TEMPERROR, NEUTRAIL, FAIL, or what else,
it's broken. 
If a receiver treats SOFTFAIL like another result it's ok.,
his server, his rules, "receiver policy".

A publisher using SOFTFAIL over a long time will find that
"interpreting SOFTFAIL as suspicious" actually means that
SOFTFAILing mails could vanish in the black holes of "spam
folders".  It's dangerous to use SOFTFAIL over long periods
of time, the likely behaviour of mail receivers is hard to predict for a SOFTFAIL, unlike FAIL. What Ebay and Paypal 
do is wrong, no doubt about it.

 Frank (certainly no SOFTFAIL fan)

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html 





--
Sincerely

Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [ietf-dkim] Re: t=y, Hector Santos
Next by Date:  Re: [ietf-dkim] Proposal to amend SSP draft with a reporting address (fwd), Michael Thomas
Previous by Thread:  [ietf-dkim] Re: DKIM Interoperability Event notes, Frank Ellermann
Next by Thread:  Re: [ietf-dkim] DKIM Interoperability Event notes, Charles Lindsey
Indexes:  [Date] [Thread] [Top] [All Lists]