John R. Levine wrote:
Looking through my notes, I see one report of an IETF list where a sender
who hadn't read RFC 5617 sent mail from a discardable domain, and a
recipient who also hadn't read RFC 5617 rejected rather than discarding on
discardable missing signatures, and got themselves bounced off the list.
The resolution for for the sender to say oops, and delete their ADSP
record.
On this list we used to see mail from paypal.com, which also publishes
discardable, but as far as I can tell, it didn't cause any problems in
practice. Our Paypal subscribers now use a different domain for their
list mail.
Has anyone else seen any actual observed interactions between ADSP and
mailing lists?
Sure, we are seeing it.
But we knew this. The issues is not the reality and fact that they
don't interact well when one or the other doesn't read RFC 5617 or
ignores it. The issue is to support it. The MLM could of rejected the
message just as well rather than risk one bad reader causing problems
for other members whose MTA might be supporting it. Its not just the
bad reader who gets bounced off the list, it is all ADSP supporters as
well. This is easily fixed simply by supporting it:
int NewListMessage()
{
FromHeader = GetHeader("From:");
AuthorDomain = GetDomain(FromHeader);
ADSP = GetADSP(AuthDomain);
if (ADSP == "dkim=discardable") {
SendWarningOnce("Hey Next Time, you are off the list! I mean
it!")
return -1;
}
// Unprotected mail, I'm god now
...
return 0.
}
reduced:
int NewListMessage()
{
if (GetADSP(GetDomain(GetHeader("From:"))) == "dkim=discardable")
{
SendWarningOnce("Hey Next Time, you are off the list! I mean
it!")
return -1;
}
// Unprotected mail, I'm god now
...
return 0.
}
You take care of the bad reader without posing problems for any other
member who might be using reading ADSP and using it with a REJECT.
Even if the ADSP receiver supported DISCARDABLE correctly, the MLM is
at risk of lower reputations with its continuation of sending bad
ADSP mail to it.
Even if your MLM is not doing a ADSP check, at the very least your MDA
or MSA should in order to protect both list and not list ADSP
restricted mail.
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html