Michael Thomas:
Wietse Venema wrote:
MH Michael Hammer (5304):
Is DKIM checking sufficient in itself without SSP? How might DKIM-SSP
help receivers (the 3 aforementioned as well as others) leverage their
evaluation of received email whether signed (valid or not) or unsigned?
"known to be good" whitelisting can be done with DKIM-BASE alone.
SSP etc. is about the ABSENCE of valid signatures, and can help to
strengthen the "known to be good" whitelisting process.
You've said this several times, but I don't think that's the range
of all possibilities. Ag.com is a pretty good example of somebody
that I as a receiver don't know but if they're willing to say
"discard this if it's not signed", all other things being equal
why wouldn't I?
You do what you want to do.
I would hope that receivers don't discard mail simply because the
domain owner says so. Instead, I would hope that their hint goes
into a weighting process together with other indicators.
Wietse
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html