On Mon, 12 Oct 2009, hector wrote:
The key point that is being missed here is that doesn't matter if we
all agree to add 3rd party or mailing list support to an extended RFC
5617 policy protocol. If resigners are going to be exempt from any
mandate to support it, it will remain to be conflict with receivers.
I don't like the term "resigners" here. Many mailing lists will do no
signing at all. For whitelisting purposes, they may instead rely on SPF,
or just the hope that spammers won't guess the List-Id: or envelope sender
domains of the lists their victims subscribe to.
Compared to the more elaborate schemes bandied here, dkim=except-mlist's
strength and weakness is the same thing -- it leaves the question of *how*
to recognize legitimate mailing list traffic in the recipient's hands.
Those of us with vanity domains have hands quite capable of handling that
problem without recourse to some hypothetical third-party-signatures
standard (which will likely flop among ML admins just as SPF's SRS flopped
among forwarders...). "dkim=except-mlist" is all *we* need.
---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html