On Mar 11, 2009, at 1:38 PM, HLS wrote:
On Wed, Mar 11, 2009 at 3:33 PM, Steve Atkins
<steve(_at_)wordtothewise(_dot_)com> wrote:
If there were another field in the DKIM-Signature header, or an
entirely separate email header covered by the DKIM signature, that
stated "all email sent using this domain in the From field will be
DKIM signed" then any receiving MTA or MTA cluster could keep track of
that state (probably using their existing reputation tracking system
in the case of large receivers, and using a fairly trivial extension
to their DKIM plugins in the case of smaller ones).
This was touched upon back in 2007/2008 holidays with a WG
suggestion to add a DKIM-Signature tag thats says *first party only,
neutral, etc* which can be viewed as an optimization.
I think it is a great idea. But the issue is legacy mail. The
issue is not the good mail. The issue is the bad mail - the one that
don't have the "extra" DNA genes to detect.
If the flaw is bad mail being sent to recipients who have never
received good mail, what's the threat that's being defended against?
Cheers,
Steve
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html