ietf-dkim
[Top] [All Lists]

Re: 1: 1 (was RE: [ietf-dkim] Re: ISSUE 1525 -- Restriction to posting by firstAuthorbreaks email semantics)

2008-01-16 23:28:42
John L wrote:
How does an SSP-like protocol do that?  Assertions like "I am a phish
target" don't do it.

Why not?

Because you (the generic you, whoever publishes SSP) aren't credible short of some reputation system which would make SSP irrelevant anyway.

Depends on the nature of the assertion. If the assertion is "I'm a good guy" or "I send virus-free messages" the receiver isn't likely to believe me. If the assertion is "Be very careful about messages coming from my domain", why shouldn't the receiver pay attention to that?

It's fine to make statements about your own practices, like "I sign everything" or "All of my mail is composed in iambic pentameter" since that reflects things you have control over. Claiming you're a phish target is making assertions about the behaviors of zillions of other senders who you don't even know.

With respect to a domain likely to use SSP (such as a domain used only for transactional messages), who are these zillions of other senders, and why should that domain be concerned about them?

-Jim

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>