ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Another reality check

2010-09-25 00:19:37
John R. Levine wrote:
Looking through my notes, I see one report of an IETF list where a sender 
who hadn't read RFC 5617 sent mail from a discardable domain, and a 
recipient who also hadn't read RFC 5617 rejected rather than discarding on 
discardable missing signatures, and got themselves bounced off the list. 
The resolution for for the sender to say oops, and delete their ADSP 
record.

On this list we used to see mail from paypal.com, which also publishes 
discardable, but as far as I can tell, it didn't cause any problems in 
practice.  Our Paypal subscribers now use a different domain for their 
list mail.

Has anyone else seen any actual observed interactions between ADSP and 
mailing lists?

Sure, we are seeing it.

But we knew this. The issues is not the reality and fact that they 
don't interact well when one or the other doesn't read RFC 5617 or 
ignores it. The issue is to support it.  The MLM could of rejected the 
message just as well rather than risk one bad reader causing problems 
for other members whose MTA might be supporting it.  Its not just the 
bad reader who gets bounced off the list, it is all ADSP supporters as 
well.   This is easily fixed simply by supporting it:

     int NewListMessage()
     {
       FromHeader   = GetHeader("From:");
       AuthorDomain = GetDomain(FromHeader);
       ADSP         = GetADSP(AuthDomain);
       if (ADSP == "dkim=discardable") {
         SendWarningOnce("Hey Next Time, you are off the list! I mean 
it!")
         return -1;
       }
       // Unprotected mail, I'm god now
       ...
       return 0.
     }

reduced:

     int NewListMessage()
     {
       if (GetADSP(GetDomain(GetHeader("From:"))) == "dkim=discardable")
       {
         SendWarningOnce("Hey Next Time, you are off the list! I mean 
it!")
         return -1;
       }
       // Unprotected mail, I'm god now
       ...
       return 0.
     }

You take care of the bad reader without posing problems for any other 
member who might be using reading ADSP and using it with a REJECT.

Even if the ADSP receiver supported DISCARDABLE correctly, the MLM is 
at risk of  lower reputations with its continuation of sending bad 
ADSP mail to it.

Even if your MLM is not doing a ADSP check, at the very least your MDA 
or MSA should in order to protect both list and not list ADSP 
restricted mail.

-- 
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>