ietf-dkim

Re: [ietf-dkim] The mailing list argument, was Resigner Support of RFC 5617 (ADSP)

2009-10-13 06:31:10


--On 13 October 2009 00:49:05 -0400 hector <gmail(_dot_)sant9442(_at_)winserver(_dot_)com> wrote:

John Levine wrote:

[ this is well trodden ground, so I will try and keep this short ]

Agreed, but the fact that it's a mailing list that is doing this
isn't significant.  It could be any intermediary that is willing to
take responsibility for the message by signing it.  Their reputation
now becomes a factor in the disposition of the message.

Right.  As JD and others have often pointed out, mailing lists should
sign their mail like anyone else, and recipients handle it based on
the list's reputation.  If we're going to encourage list operators to
change their software to deal with DKIM, sensible changes would help
them be sure that unwanted mail doesn't leak onto the list, perhaps
using DKIM and ancillary reputation systems.  That will help all
subscribers getting mail from the list, whether they use DKIM or not.


So what you are saying is that LIST SERVER developers SHOULD NOT add
ADSP features to restrict signing of ADSP domain nor bother to see if
it should allow these restrictive domains to subscribe?

They should add features. But "DISCARDABLE" ('discard' isn't a value, and
'discardable' doesn't mean 'discard') should not be treated the same as
"ALL". It's reasonable for a list to reject mail that it is about to
render discardable, but there's no reason to reject mail with "ALL".

Remember RFC5617 says " 3.2 ... o  If a message has a Valid Signature other
than an Author Domain Signature, the receiver can use both the Signature and
the ADSP result in its evaluation of the message."


    List name:  ieft-dkim

    DKIM/ADSP Options:

       [_] Do not allow subscription from ADSP domains
       [_] Do not accept domains with DISCARD, ALL policies

       [X] Sign list mail:

           [X] Remove any old signatures

           Signing Selector: k00001
           Signing domain  : mipassog.org  [ GENERATE KEY ]

       [X] Checking Reputation Services

           [ CLICK TO SEE REPUTATION SERVICE LIST ] None-Defined


A few milliseconds of thought should reveal that a scheme that allowed
a list to assert that incoming mail was signed would instantly be
abused by spammers who would start sending from "lists" that claimed
to be passing through signed mail from domains with good reputations.



-- 
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
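
The distinction drawn in the message above, as an added example that is not part of the original post or of any list software: a list server reads the author domain's ADSP record (RFC 5617) and rejects only the submissions it would render discardable. The function names, the action strings and the sample records are assumptions made for illustration.

```python
# Added illustration; not code from the thread or from any list server.
# parse_adsp, list_action and the action strings are hypothetical names.
import re

ADSP_VALUES = {"unknown", "all", "discardable"}


def parse_adsp(txt):
    """Return the dkim= practice from an ADSP TXT record string.

    A string that does not start with a lowercase "dkim" tag is not an
    ADSP record (None). An unrecognised value is treated as "unknown".
    """
    if txt is None:
        return None
    m = re.match(r"dkim[ \t]*=[ \t]*([A-Za-z0-9-]+)", txt)
    if not m:
        return None
    value = m.group(1).lower()
    return value if value in ADSP_VALUES else "unknown"


def list_action(adsp_txt, author_sig_valid, list_modifies_message):
    """Decide what the list does with one submission.

    adsp_txt              TXT data found at _adsp._domainkey.<author domain>,
                          or None when no record exists
    author_sig_valid      the Author Domain Signature verified on arrival
    list_modifies_message the list adds a footer, subject tag, etc.
    """
    practice = parse_adsp(adsp_txt)
    # The author signature reaches subscribers intact only if it verified
    # on arrival and the list leaves the signed content alone.
    survives = author_sig_valid and not list_modifies_message
    if practice == "discardable" and not survives:
        return "reject"           # tell the poster now, not silently later
    # "all", "unknown" or no record: relay under the list's own signature;
    # receivers can weigh that signature together with the ADSP result.
    return "accept-and-sign"


if __name__ == "__main__":
    # Constructed sample records, not taken from any real domain.
    for record in ("dkim=discardable", "dkim=all", "dkim=unknown", None):
        print(record, "->", list_action(record, True, True))
```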