ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Are subdomains like parent domains?

2008-04-29 11:28:20
On 4/29/08, J D Falk <jdfalk(_at_)returnpath(_dot_)net> wrote:

IMHO the thing about phishers forging nonexistant domains is a
non-issue.  I can not imagine any circumstances where a nonexistant
domain with no possibility of an ADSP statement will be given the same
privleges as an existing domain that does have an ADSP statement.  I can
much more easily imagine someone setting up newservice.example.com
without realizing that their new service falls under example.com's ADSP
statement, thus causing general bad feelings about ADSP and DKIM in
general.

Could I ask you to theorize for me for a moment? Pretend you're a
receiver who sets your own policies, and pretend you're giving it the
kind of thought that a Hotmail or Yahoo would hopefully give to it.

OK, let's assume ADSP has no "tree walking" or "subzone inheritance" feature.
A sender is sending legitimate mails with customercare.bigbank.com
with DKIM and an ADSP policy.
If a phisher sends mail with a PRA of customer-care.bigbank.com, that
would not be signed, and it would not fall under any ADSP policy.

In your perfect world, as an imaginary receiver, how would you discern
between the two sets of messages? What DKIM or ADSP-related measure
could you make that would make it easier for you to can the phishing
mail?

I guess I'm even making an assumption that you would care to do that.
Would you? If not, why not?

If not, what do you theorize the operational objective of ADSP should be?

Al
-- 
Al Iverson on Spam and Deliverability, see http://www.spamresource.com
News, stats, info, and commentary on blacklists: http://www.dnsbl.com
My personal website: http://www.aliverson.com   --   Chicago, IL, USA
Remove "lists" from my email address to reach me faster and directly.
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>