On Feb 25, 2008, at 10:43 AM, Steve Atkins wrote:
On Feb 25, 2008, at 10:17 AM, MH Michael Hammer (5304) wrote:
While there might be some domains that take that stance I wouldn't
expect "mainstream domains" to take that stance. I expect financial
institutions to be somewhat early adopters and any ISP/mailbox
provider that decides discardable means don't bother trying to
deliver the mail should be prepared to beef up their Customer
Service staff to handle complaints.
There is a significant difference between sendedr saying "I
recognize that a fraction of a percent of legitimate mail might not
get delivered if my assertion is followed" and "sender doesn't care
whether the mail gets delivered".
They're the same statement. If they cared about mail they send being
delivered they wouldn't deploy something which will, by design,
cause some fraction of it to not be delivered (and provide no other
benefits).
"No not send DSNs upon signature failure" is not the same as "Expect
this domain's messages to be "Signing Complete". A measure of
delivery integrity includes receipt of Delivery Status Notifications
upon failure to validate. Presumably, once DKIM becomes broadly
implemented, back-scatter will be curbed by reduced success rates of
spoofed messages. Rather than achieving consensus for the "discard"
feature within the requirements phase, the required "Signing Complete"
assertion has been replaced by a new and completely different
assertion previously not discussed on this list. The usefulness of
the "discard" assertion appears limited and perhaps unneeded once DKIM
becomes more broadly adopted.
These are not the same assertion. Make a case where both assertions
are allowed, or return to the previously agreed "Signing Complete"
that omits advice on verifier actions.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html