Al asked:
OK, let's assume ADSP has no "tree walking" or "subzone inheritance"
feature. A sender is sending legitimate mails with
customercare.bigbank.com with DKIM and an ADSP policy. If a phisher
sends mail with a PRA of customer-care.bigbank.com, that would not be
signed, and it would not fall under any ADSP policy.
In your perfect world, as an imaginary receiver, how would you discern
between the two sets of messages?
That's easy: any string comparison will tell you that
customercare.bigbank.com != customer-care.bigbank.com. So, assuming no
treewalking assumption in my reputation system, they'd each have
entirely separate reputations.
But reputation is never based solely on one tiny bit of information --
I'd also check to see if the domain exists. If it doesn't, that would
very likely result in rejection before even getting to any reputation
algorithm.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html