On 5/4/10 4:48 PM, John Levine wrote:
And indeed, this might be the (or, at least, an) answer to the
concern (except of course for ADSP assertions made too broadly
because it can't cover this scenario.
I have to say that ADSP is having just the pernicious effect that I
feared it would. Its actual utility is very, very narrow, people
want it to do other things, so they start insisting that the rest of
the world redesign itself to match their concept of ADSP. We seem to
have learned nothing from the experience with SPF.
ADSP offers limited utility as a transitional mechanism for stricter
acceptance, and as an alternative to individual relationships with email
providers throughout the world. Predictable cases of unintended message
loss that ADSP might cause can be mitigated with a third-party
authorization mechanism. The mechanism would allow domains a means to
grant specific exceptions for the third-party services being used.
Lessons have been learned. Unlike a comprehensive IP address list of
authorized servers, as with SPF:
A) a hash label mechanism scales to any number of third-party services
within a single transaction.
B) modified messages will not be confused with those directly from the
sender domain.
C) authorization is limited to specific domains, and not for any message
handled by a server.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html