On Wednesday 16 January 2008 12:24, J D Falk wrote:
I fail to see why we should create an RFC only working for PayPal &
Co. - especially while they are still too timid to use FAIL in their
SPF or PRA policies. SSP "first author"
would be far more restrictive than anything SPF or PRA do.
It's very interesting that while PayPal may be "too timid to use FAIL in
their SPF or PRA policies," they /have/ -- with much public fanfare --
made deals with Yahoo! and other ISPs to reject any messages that can't
be verified with DomainKeys or DKIM.
There'll surely be more of these 1:1 agreements, while we wait for SSP
to become useful. If we wait long enough, SSP won't even be necessary
for the big, high-value signers & verifiers.
Agreed. It's much better to define a protocol to do this now so the process
scales and is not just available to large commercial senders.
Scott K
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html