On 26 Sep 2010, John R. Levine wrote:
No, of course not. I've already adjusted my list software to put DKIM
list signatures on outgoing mail. It was no big deal. I haven't done
anything with ADSP because, to several decimal places, nobody uses ADSP.
I was suggesting the From: hackery as a substitute for preemptively
blocking ADSP-using posters, not as a substitute for adding a List-Id:
signature.
Although without an "LDSP", List-Id: signing is almost pointless. To
benefit, you need to tell the recipient, human-to-human, that your list
always signs. But if that communication channel is open, you could just
promise not to change the bounce-address domain, and protect that domain
with SPF.
What have you done on the lists you run?
I don't run any lists.
One other important thing: While preemptively blocking
"dkim=discardable" is reasonable, to definitively avoid DKIM false
positives you must also restrict "dkim=all" posters.
A reasonable interpretation of the RFC is that "dkim=all" still indicates
that all mail with no signature is bogus -- the difference from
"discardable" is that the latter indicates the sender is willing to accept
that suspect mail may be silently blackholed (thus making diagnosis of an
FP-causing configuration error harder). So an MX capable of validating
before responding to CR LF '.' CR LF may treat them identically.
---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html