2) do we need a mechanism to alert the receiving MTA that you have
subscribed to a mailing list, and all messages should pass through?
Yes, desperately.
Certainly a possible feature, but it seems like it won't scale very well.
Why not?
If I were a spammer, I would tell the victim's MTA that the victim
subscribed, then send the spam.
These days most subscriptions are entered on a web page, and if you're
lucky the mailer will send a confirmation message with a URL that sends
the subscriber back to the web page. Where's the MTA going to get the
subscriber info? The challenges in designing a protocol that neither makes
unreasonable demands on users and MUAs nor is easily spoofed by hostile
mailers seem insurmountable to me. If you're planning to keep a
reputation database of mailers who send credible subscription
announcements, why not just whitelist their mail?
Since as far as I know nobody does this, it's a resarch topic, so I've
directed replies to the ASRG. See you there.
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet
for Dummies",
Please consider the environment before reading this e-mail. http://jl.ly
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html