--On 16 July 2010 08:40:55 -0700 Douglas Otis <dotis(_at_)mail-abuse(_dot_)org>
wrote:
On 7/16/10 7:11 AM, Ian Eiloart wrote:
Yes, but why ask on a DKIM mailing list? I speculate that Dave wants
to modify it to build a reputation engine based on Author address, for
DKIM signed messages. With that, you don't have to forgive bad apples
just because they share an IP address with lots of good senders. Add
in reputation for envelope sender addresses when SPF passes, and you
have *per sender* reputation database for (for us) the majority of
inbound mail (that's passed IP reputation tests).
Clearly, your suggestion is not related to DKIM, which makes no identity
claim beyond the signing domain.
But, if I get an email purporting to be from a gmail account, and it's
signed by the gmail.com domain, I reckon I'm going to assume that its safe
to apply a reputation score to the sender address.
My suggestion has nothing to do with ADSP, or unsigned messages, and
everything to do with email that carries a good signature. About 80% of
signatures that I inspect are good.
--
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html