ietf-dkim

Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs

2010-09-27 13:46:54
On 09/27/2010 11:17 AM, Al Iverson wrote:
On Mon, Sep 27, 2010 at 1:05 PM, Michael Thomas <mike(_at_)mtcc(_dot_)com> wrote:
On 09/27/2010 10:58 AM, Michael Thomas wrote:
On 09/27/2010 10:38 AM, John R. Levine wrote:
Ignorance is bliss, I guess, especially when it comes to pontificates.
That's what every implementation of DKIM for MTAs, both open source and
commercial that I'm aware of does, though some do and don't do the ADSP
lookup. News at 11: email is still delivered, with little to no observable
impact.

It is not my impression that they all do the full DKIM validation while
the SMTP session is open. Mine doesn't.


You would be completely wrong in your impression.

Source is your friend.

Oh, I see John weaseled from "nobody does that" to the unprovable
"not everybody does that". In any case, John is completely wrong
with his assertion that doing DKIM/ADSP validation at SMTP time
is somehow even vaguely untenable. It isn't. It's common as dirt.

It's hard to imagine a large, DKIM-checking mail provider, like, say,
Yahoo, doing that mid-transaction.

Do you have any data/insight on how to quantify "common as dirt"? I'm
doubtful of your claim without it.

Yes, I have a lot of insight. My implementation did it that way, which
along with Murray's (and any other that's based off of milters), do it
that way. I don't have access to Y!'s source to say for sure, but my
impression from Mark and Miles is that they did it in-session and that
all of our experiences were the same: it added very little overhead.

I don't know why this should surprise anybody. Doing DNS lookups in-session
*is* common as dirt for RBL lookups, even if the big boys have the RBL
databases in-house for performance. So the only other issue with DKIM is
the actual computational overhead, and Eric did some calculations that it
was *maybe* 5% overhead, and that was 5 years ago -- Moore's Law only
helps.

So by all means, doubt away. Is there anybody else who was at the Interop
who *doesn't* do DKIM in-session? It was my impression that everybody did
it that way.

Mike