On Thu, 26 Mar 2009, Hector Santos wrote:
> With specific reference to DKIM, what I most want to discourage is
> awful IP/domain hybrid hacks like only validating a signature if
> the Sender-ID or SPF passes. So our interop advice is when you're
> thinking about DKIM, don't think about IP addresses.
Sorry, but vendors do not have this luxury. You would be in conflict
with your operators and customers desires to implement, enable and/or
disable what they want and not what you or I want.
Your customers don't seek or accept any guidance from you?
We simple can not dictate to others or even suggest not to use SPF or
another technology and replace with DKIM especially when it hasn't
really proven to have a payoff.
Sorry, I disagree. Vendors, especially those who have been involved in
this for a long time, are in a prime position to provide appropriate
guidance and influence. And at least from where I'm sitting, a
substantial portion of the customer base is at least listening to what we
tell them. And sometimes "customer" is itself referring to a large and
influential ISP.
So yes, when I read those comments, the eyes are rolling.
I have no doubt *you* think the ideas are absurd. But please stop
speaking for all SMTP vendors, because I for one think you're
exaggerating, and have experience to the contrary.
Perhaps some other vendors would like to weigh in.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html