Steve Atkins wrote:
ISPs aren't going to reclassify a message from "should be rejected" to
"deliver to inbox" on a whim.
Sure they are.
ISPs are responsible to their customers, not the senders. They should,
and usually will, do what will make their customers happy.
You replied out of context. In fact, Steve, I would argue that you
ignored the original text. ISPs cannot afford to make changes on a
whim, and many ISPs can't afford to make changes at all. We have an
extraordinary debate going on on this mailing list. We have gotten away
from the practical deployment of SSP. If we accept issue 1521 we
mandate reputation services in order to deploy SSP. That seems to me a
mistake and a large one at that, when considering the general case.
As a concrete example, if the mail is coming from a known forwarder
(eg acm.org) or mailing list provider. Somewhere that is known to the
recipient ISP to not be a source of unwanted mail, and which may break
DKIM signatures.
The ISP has not made a change on a whim but based on the reputation of
acm.org, which unverified could be the next spam vector, just like any
other known forwarder whose signature breaks.
Most SSP fails in those cases will lead to rejection
of mail that is wanted by the recipient. Any responsible ISP will not
want to reject mail that is wanted by the recipient.
And again, that's not done on a whim. Moreover, someone who puts out
strict or similar conditions in an SSP record is going to get what they
deserve. Why would they do this? They have customers too, right?
Eliot
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html