Dave Crocker wrote:
3. Scope and scale of query traffic
SSP originally was constrained to apply only to unsigned mail. The current
specification applies to unsigned messages *and* signed messages where the
DKIM i= domain name does not match the rfc2822.From <addr-spec> domain.
This
is a considerable change in the nature -- and potentially a considerable
change in the amount of query traffic -- that SSP causes.
This has not changed in years. Maybe you've just become aware of it.
And the problem here remains with unsigned traffic. Third party
signatures are very rare beasts.
The draft does note that initial receive-side adopters of SSP will find
no SSP
DNS record. However the draft does not address the adoption and use
impact of
being expected to make a query that will almost always fail for a
significant
number of years into the future.
There is a trivial mechanism that can cut down SSP lookups to almost
nothing: don't query domains from which you've never received a valid
DKIM signature.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html