Murray S. Kucherawy schrieb:
On Thu, 28 Feb 2008, Florian Sager wrote:
I just reviewed [ietf-dkim] "Proposal to amend SSP draft with a
reporting address" --> the responses dealt with using ARF or an own
abuse report format but they didn't refer to the reporting address.
What was the result of this discussion? There is no r= property in
the ASP draft (yet).
See https://datatracker.ietf.org/drafts/draft-kucherawy-dkim-reporting/.
It's a draft proposal right now.
Thanks for this reminder, I forgot about this draft: maybe section 4.1
can be extended by s.th. like "a Reports are requested for passed
signatures inside mails with suspicious content". The same intent may
already be included in 4.2 "s ... signed and Suspicious".
For this spam mail I'd like to send an abuse report to Yahoo! ...
"i=" is the signing identity. It's not guaranteed to be a good place
to which to report abuse if the sender is malicious. Yahoo would need
to either explicitly set "i=" to be the abuse address (which they
could do) or implement the reporting specification (which is still a
draft, so it's not likely).
Second aspect: besides abuse-reporting I'd like to setup a BL
containing tuples like <alleged sender, signing-domain>. I am
hesitating to use From or Sender as <alleged sender>;
Why can't you use "i=" for that?
After all i= should be usable: I worried about the fact i= can be omitted and
another header address has to be guessed to be the alleged sender. This address
might be more random/less confident than i= with a local part added by the
signer of an ISP (regarding repuation filters,
I think this problem will be self-regulating).
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html