ietf-dkim

Re: [ietf-dkim] requirement for one ADSP record per DNS entry is irrelevant

2008-05-27 06:49:15
The absence of a parent label check will mean that enterprises must
list an ADSP record for each and every DNS entry they have.

Man, this horse just won't stay dead.

a) Even if you believe this is a serious issue (which I don't, see
point 2 below), the tree walk wouldn't be a solution.  Although I
believe that there is at least one large vendor of network equipment
whose DNS tree is very flat, that's not true in general, and there are
plenty of large systems whose DNS tree is more than two levels deep.
Since those systems would have to cover N-1 levels of their tree even
if we had the tree walk, I don't see any reason to think that the
software changes needed to cover N-1 levels of a DNS tree would be any
easier than to cover N levels.

2) The only reason I can see that one would need to cover every node
in their DNS tree is a belief that other mail admins will assume that
all of your subdomains inherit the reputation of your main domain.
But who'd do that?  Is anyone really going to treat mail from
bob@bay0-omc1-s21.bay0.hotmail.com or even bob@bay0.hotmail.com the
same as bob@hotmail.com?  This is to me the reddest of red herrings.
Perhaps somewhere, somehow, there is some admin so stupid as to do
that, but as I hardly need tell you, there's no hope of blocking every
possible stupid mistake that someone else might make.

I also happen to doubt that ADSP will be of much use, but that's
because I doubt the utility of self-assertions of virtue, not because
DNS management is too hard.

R's,
John
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
