On Sep 1, 2010, at 7:24 AM, Michael Thomas wrote:
I'll cheerfully give up references to S/MIME, if other people will
give up on telling software developers how to rewrite MLMs to do
things they've never done before.
Frankly, the best possible advice we can give is to tell people to
sign all their mail, set ADSP to discardable and let mailing list
mail get to sent to the trash can. If that doesn't get the hidebound
traditionist over-entitled mailing list developers and operators
attention, they pretty much deserve dying along with their 1970's
view of what the internet is.
ADSP is badly flawed, but those flaws don't have much impact in the case of
junk mail sent directly from senders to the MXes of consumer ISPs. Junk mail
sent to consumers is also the main place where the theoretical benefit of ADSP
is likely to be of value (assuming that's still anti-phishing).
If your goal is to have MLM developers rewrite their perfectly working code to
work around the fundamental flaws in ADSP - a protocol nobody other than bulk
mailers is interested in, and which in any even marginally sane deployment
would never interact with mailing lists at all - I think you're going to be
disappointed.
If you don't want to be disappointed you'd be better saying something like this
...
1. Don't publish ADSP for domains that are used for sending any mail other
than junk mail
2. If you pay attention to ADSP use it to discard mail, not reject it
3. If you run a mailing list, consider refusing submissions from any domain
publishing an ADSP record
4. If you run a mailing list, consider DKIM signing the mail you send
... rather than hoping MLM software developers will remove all the features
they offer that might break a DKIM signature.
Cheers,
Steve
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html