I just don't see a plausible scenario where you you know you trust the
list but still want to accept or reject mail based on assertions the
list itself makes.
How about you trust the list, and it says the inbound message wasn't
signed? The list has left the value judgement to the recipient.
I've been using mailing lists for 35 years, and I cannot recall any where
the list manager threw up his hands and didn't manage the list's contents.
The conceptual model of mailing lists has been consistent for decades: the
list picks mail to pass along using whatever manual or automated process
it uses, and subscribers accept the mail the list sends. I don't see the
point in trying to retroactively redefine the ways that lists work to try
to shoehorn them into the limits of poorly desiged security add-on.
See "forgery" for another example of the same newthink, in which the SPF
crowd tried to persuade the world that SPF's failure to handle long
established forwarding models was the fordwarders' fault.
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html