Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joi

--On 27 September 2010 23:05:46 -0400 "John R. Levine" 
<johnl(_at_)iecc(_dot_)com> 
wrote:

> For Ian, I'm still wondering if he's yet implemented a setup which knows
> at SMTP time what addresses deliver to mailing lists so it knows whether
> to reject or discard on ADSP failures.  Still seems like a lot of work
> for  a largely nonexistent problem.
I know which addresses deliver to *my* mailing lists. They live on a 
different host, and I check the address so that I know the recipient is 
valid before accepting the message.

The only difficulty arises when messages have multiple recipients. There 
are several options here, when one of the recipients turns out to be 
troublesome, but others don't:

1. Treat them all the same, and reject the entire message.
2. Treat them all the same, and deliver to all.
3. Use selective defers to split the stream into two (this is a fairly 
widely known technique in Exim circles, used to permit application of 
different SMTP time content based filtering rules)
4. Discard the troublesome recipients, notifying the sender (perhaps only 
when the sender mail domain matches the signing domain).

If selective defers are regarded as difficult, then it's probably best to 
(A) reject troublesome messages when their is only one recipient, and (B) 
discard troublesome recipients when there are multiple recipients, and 
notify the sender. Since the message has a good DKIM signature, the signer 
may be held responsible for any collateral spam that's generated.


-- 
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/


_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html