ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] General Feedback loop using DKIM

2009-05-28 15:47:30
from [Franck Martin] [Permanent Link] 

----- "Michael Adkins" <michael(_dot_)adkins(_at_)corp(_dot_)aol(_dot_)com> 
wrote: 



I thought about putting the "I want ARF reports" information in the 
email or in the DNS. 

If it is solely in the DNS, then for every DKIM message, you have to 
query the DNS, to check if the signing domain wants ARF reports. I 
suspect most will not want them, or know what's that. This process may 
commit uneccessary resources. I feel important to state in the email 
that the signer wants an ARF report, and that the DNS could be used to 
verify that statment. 


Not for every signed message. Only for every signed report. Report 
generators have to query DNS to send the report anyway. 


What I'm trying to asses is do you query the DNS for every signed message that 
is reported, or only for the ones which have a domain or d= that is registered 
with you to receive ARF reports. 

Also this would add one DNS query to the set of queries. It is additional 
resources. 

It may be early, but just trying to asses what is the least costly for the 
reporter. 



We currently send reports to over 80k domains. I would wager that the 
domains who currently sign are a subset of those (spammer domains 
included), but if someone actually wants me to dig around to prove it I 
suppose I can. Going forward, domains that care enough to sign their 
mail will care enough to want abuse reports. 


On privacy issues, some ARF processors strip the report from any 
potential user identification, To: Message ID, email in the content 
etc... 


That's to protect the privacy of the reporter, not the privacy of the 
message author. You would be surprised how many folks on shared IP 
addresses try to get an FBL for the entire IP address instead of just 
their domain. DKIM based FBLs should clear up that specific issue, but 
I'm sure there will be some new 'gotcha'. 


correct, I mean I agree, but you know also that in the case of mailing lists, 
the sender puts a fingerprint to circumvent this anonymization process, 
otherwise, the report would be mostly useless. 

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ietf-dkim] General Feedback loop using DKIM, Jeff Macdonald
Next by Date:  Re: [ietf-dkim] Urgent: draft-ietf-dkim-ssp-10 and RFC 5451, J.D. Falk
Previous by Thread:  Re: [ietf-dkim] General Feedback loop using DKIM, Michael Adkins
Next by Thread:  Re: [ietf-dkim] General Feedback loop using DKIM, Michael Adkins
Indexes:  [Date] [Thread] [Top] [All Lists]