Re: [ietf-dkim] Issue #1521: Limit the application of SSP to unsigned me


On Dec 11, 2007, at 10:57 AM, Hector Santos wrote:

The 'threat' that you are citing is for a signed message, whichmeans that there is a verifiable, accountable identity associated.That identity will have a reputation.
What proof do you have to validates the assertion?

  "That identify will have a reputation."
How is "reputation" defined and how does the generalized networkemail infrastructure reach that conclusion without resorting to 3rdparty Trust Services?

A valid DKIM signature offers a fair amount of information, evenwithout it matching an email header.

The typical MTA can accrue a fair amount of DKIM related informationwithout reliance on outside services.


When a domain is being assessed, negative points can be assigned when:

 o the domain is new to the receiver
        
 o the domain name server host or IP address is new to the receiver

 o the domain is known to send spam

o the domain name server host or IP address is known to publish spamrelated domain names



-Doug
_______________________________________________

NOTE WELL: This list operates according tohttp://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [ietf-dkim] Processing SSP issues in January using jabber/concalls...., John Levine

Next by Date:

[ietf-dkim] Re: Re: NEW ISSUE: replace use of term "suspicious", Frank Ellermann

Previous by Thread:

Re: [ietf-dkim] Issue #1521: Limit the application of SSP to unsigned messages, Hector Santos

Next by Thread:

Re: [ietf-dkim] Issue #1521: Limit the application of SSP to unsigned messages, Douglas Otis

Indexes:

[Date] [Thread] [Top] [All Lists]