On 5/26/10 8:09 AM, SM wrote:
Hi Doug,
At 15:50 25-05-10, Douglas Otis wrote:
It should be possible for sending domains to detect mailing-list
conversations. When desired, they can then immediately publish
third-party authorization labels to allow ADSP exceptions. The
exception approach retains their ability to quickly mitigate any
reported abuse.
I don't have a clue how to implement this. I can implement measures
for the mailing lists I am subscribed to but it doesn't scale. Due to
legacy reasons it would be impossible to "fix" the local-part anyway.
See:
http://tools.ietf.org/html/draft-otis-dkim-tpa-label-03
DKIM is a process handled by domain administrations, not individuals.
The third-party label authorization method scales to _any_ practical
level, and allows domain administrators a means to unilaterally resolve
reported issues involving third-party services. Whether these issues
relate to abuse or to refused and missing messages, the third-party
authorization scheme offers an easy and low overhead solution. Perhaps
in the future, mailing-list subscription acknowledgments could be
standardized to trigger any needed third-party authorization.
Of course, there should be facilities, such as user web pages, to deal
with potential refusal issues proactively. Exchanges of DKIM keys with
any number of third-party services clearly do not scale, nor would this
be practical.
The short answer I would give is that it is not possible for the
signer to detect mailing list conversations [1].
When the domain administration receives DSNs or MARFs indicating a
problem, they should also be able to recognize whether it involves a
trusted third-party service based upon content. A third-party
authorization method offers a practical means to extend ADSP "all" with
a method to mitigate possible disruptions. IMHO, "discardable" should
be limited to domains not sending mail.
As a side note:
Rather than using ADSP "discardable", it would be better to mandate
the use of MX records. BNAME zones will soon make the use of address
records to discover MTAs impossible. As such, the Address Record
discovery should be deprecated.
Secondly,
Not delivering non-ADSP compliant email protects recipients, especially
those sorting From headers, which is a technique that offers protection
from look-alikes.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html