On 06/24/2010 10:10 AM, Mark Delany wrote:
Conceivably "at risk" domains would first submit themselves to such a
service and ask it to discover and publish (and/or feedback) counter
examples.
Since all you need is one counter example, getting 20 or 30 large,
trusted mail providers to participate in identifying such emails and
domains should be able to know pretty quickly when something has gone
awry with their IT audit.
John's list then simply becomes a focal point of discovery rather than
a judgment call.
That's essentially the same thing that I mentioned with my "clueless"
list in a previous post.
The question is: once you get checked into the clueless motel, how can
you ever check out? This is the same weakness of DNSBL's, fwiw. Worse
in this case, because it's really bound up in whether somebody's infrastructure
is actually set up correctly, which is hard for the domain's owner and
near impossible for an outside third party to determine.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html