On 5/26/10 2:23 PM, Michael Thomas wrote:
I don't know of a way to do that which doesn't require a trust
relationship with the mail list provider. If you have such a
relationship then it's relatively trivial to just not bother with
ADSP checks for mail from such lists.
I'm left not knowing what advantage there would be from a more
complex standardized approach.
Right, and where I have problems is that I doubt that most admins
have any clue whatsoever which lists their users subscribe to. Some
certainly have policies which may inform them (= don't do it), but
beyond that this sounds somewhere close to an impossible task.
Domains that assert ADSP "all" or "discardable" are assisting recipients
who might be inundated with messages spoofing their From domain. This
assistance can be extended by also indicating which employed third-party
service may benefit from Author Domain signature exceptions. Every
increase in the number of sources granted a policy exception represents
an increased opportunity for exploitation.
For example, specific authorizations of communications via mailing lists
run by standard's organizations, or NGOs, would offer recipients far
better security, than would resorting to unlimited numbers of different
email domains having undefined authentication polices.
While much can be said for reputation services, they are not good at
preventing abuse from otherwise reputable sources. An authorization
scheme for ADSP greatly reduces a domain's exposure within an
environment seeing a growing diversity of abuse.
Importantly, a DKIM specific authorization scheme places the burden of
retaining trust on the sender, where it belongs. If you agree with
this, stop kvetching. :^)
No one requires senders to defend their recipients. Allowing ADSP to be
more comprehensive with a simple and deterministic authorization
mechanism, enables greater use and provide a stronger rationale for
employing these policies.
-Doug
"The significant problems we face cannot be solved at the same level of
thinking we were at when we created them."
"Make everything as simple as possible, but not simpler."
-- *Albert Einstein*
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html