ietf-dkim

Re: [ietf-dkim] New Version Notification for draft-levine-dbr-00 (fwd)

2010-06-22 14:07:39
On 6/22/10 9:46 AM, J.D. Falk wrote:
> On Jun 21, 2010, at 1:00 PM, John R. Levine wrote:
>> As threatened, here's an I-D that says how one would publish a list of
>> domains for which it makes sense to discard unsigned mail.
>
> Looks like a good start, and almost shockingly simple.  Any MTA/MFA support
> yet?  *grin*
If only it was simple.  How do you envision the VBR scheme offering 
protection for phished domains?

ADSP imposes a specific Author Domain policy related to DKIM.

Whereas, the VBR-Info header might apply against _ANY_:
  i) DKIM signature domain, or
  ii) Return-Path, or
  iii) PRA. (from, sender, resent-*, etc.)

Except for Author Domains, these other domains are typically not visible.

Vouching information from a service selected by a vbr-info header can 
now include a discard recommendation, in addition to the good/bad ratings 
used to adjust spam scores.

Without a DKIM signature, the vbr-info header can include anything, and 
make use of recycled domains in any of a number of invisible domains, 
such as the return-path, resent-sender, etc.

How would a vbr-info header and an additional discard status mitigate 
abuse when it can be based on many invisible domains?

How will discard be different from returning extremely negative ratings?

The duration of domains used to phish is often measured in hours, where 
an arbitrary use of path registration will not protect phished domains.  
Whack-a-Mole does not work very well.

What protection will a Resent-Sender header offer when mitigating a 
phishing problem?

Aren't vouching and reputation outside the DKIM WG?

BTW, does MFA mean Mail Forwarding Agent?

-Doug
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html