On 27 Feb 2011, John Levine wrote:
Um, you must be new here. We've argued about this ad nauseam
over the years.
I've been subscribed since Janurary 2008. Although my eyes may have
glazed over during some of the longer threads....
There are two uses for a protocol similar to DKIM/ADSP.
#1: it can be used as one of many general mailbox decluttering weapons,
reducing the amount of "bad mail" of various sorts that the end recipient
has to sort through with his own eyes.
#2: it can be used to stop phishes from being successful, by preventing
gullible users from even seeing them.
The immediate responses I'm getting in this thread suggest the intended
mission of DKIM is #1. Which is what I thought in the very first place,
as the Full Name Problem makes mission #2 rather problematic.
And yet, two things on this list seem to indicate that there are people
here who think #2 is the mission:
First, there's the whole double-From: fuss. The demand for coercive
language on this minor point only makes sense on the assumption that the
recipient admin is not eager to block suspect mail; that he is only
implementing ADSP for some sort of Good Netizenship ticklist.
Second, one of the responses I've gotten to my "except-mlist" proposal
is that the domains for which it would be superior to TPA (consumer
ISPs, basically) are not phish targets. That is true, but it is only a
counterargument under mission #2. Under mission #1, it is just as
valuable to block *@gmail.com forgeries as *@paypal.com forgeries.
---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html