So why does a domain that performs that painful audit and
remediation need to then tell John's drop list that it's OK to
drop unsigned mail? It doesn't. It can just publish an ADSP
record and be done with it. No need to count on some unreliable,
unaccountable point of failure to mediate their business.

What if it publishes an ADSP record but doesn't understand the implications?
Because, for instance, they send a lot of email to mailing lists. Or because to
some emails, an MTA adds some blurb to the body after the DKIM signature has
been computed. Or because they forget that in some (rare) cases they do not
sign their email. (The latter happened to GMail who, without having published
an ADSP record, had said that all of their email was DKIM-signed. Some of it
wasn't. At least one commercial spam filter used GMail's claim to block
unsigned email coming from GMail.)

So my view of the service being discussed here isn't one where some guy in
upstate NY claims to have full knowledge of which domains DKIM-sign all their
outbound email. Rather, it's a service where the manager of the service uses
claims made by the sender about whether they sign all of their email and then
only lists those domains that know what they're doing.

Just my two cents.

Martijn.
Virus Bulletin Ltd, The Pentagon, Abingdon, OX14 3YP, England.
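Added example, not part of the original message or of any list member's code: a sketch of the mailing-list failure mode mentioned above, where a footer appended after signing changes the DKIM body hash and the receiver falls back to the sender's ADSP record. It assumes "simple" body canonicalization with SHA-256, treats a matching body hash as a stand-in for full signature verification, and uses outcome labels and function names invented for this example.

```python
import base64
import hashlib

def body_hash(body: bytes) -> str:
    """bh= value for DKIM 'simple' body canonicalization with SHA-256 (RFC 6376)."""
    while body.endswith(b"\r\n\r\n"):      # drop empty lines at the end of the body
        body = body[:-2]
    if not body.endswith(b"\r\n"):         # an empty or unterminated body gets one CRLF
        body += b"\r\n"
    return base64.b64encode(hashlib.sha256(body).digest()).decode()

def parse_adsp(txt: str) -> str:
    """Return the dkim= practice from an ADSP TXT record (RFC 5617)."""
    for tag in txt.split(";"):
        name, _, value = tag.partition("=")
        if name.strip() == "dkim":
            value = value.strip()
            # Unrecognised values are treated the same as "unknown".
            return value if value in ("all", "discardable") else "unknown"
    return "unknown"

def adsp_outcome(practice: str, author_signature_valid: bool) -> str:
    """Illustrative receiver outcome; the labels are this example's, not the RFC's."""
    if author_signature_valid:
        return "pass"
    return {"all": "suspicious", "discardable": "discard"}.get(practice, "no-assertion")

def relay_through_list(signed_body: bytes, signed_bh: str, adsp_txt: str) -> str:
    """Model a list that appends a footer, then a receiver that applies ADSP."""
    delivered = signed_body + b"-- \r\nlist footer (constructed)\r\n"
    still_valid = body_hash(delivered) == signed_bh   # stand-in for DKIM verification
    return adsp_outcome(parse_adsp(adsp_txt), still_valid)

if __name__ == "__main__":
    body = b"Quarterly report attached.\r\n"          # constructed sample body
    bh = body_hash(body)
    for record in ("dkim=unknown", "dkim=all", "dkim=discardable"):
        print(record, "->", relay_through_list(body, bh, record))
```

A signature added by the list itself would not change the result, because ADSP only considers a signature whose d= domain matches the author's domain.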