On Mon, 2005-02-14 at 11:28 -0800,
domainkeys-feedbackbase01(_at_)yahoo(_dot_)com
wrote:
--- Tony Finch <dot(_at_)dotat(_dot_)at> wrote:
On Mon, 14 Feb 2005, John Levine wrote:
I don't know about you, but I would rather that people respond by
stopping the outgoing spam run than by running around and trying to
unsign mail that's likely already been received.
Doug suggested that you can do this by making the revocation mechanism act
as a rate-limiter. This allows you to impose much lower response
thresholds, and gives you extra time to work out if the behaviour is
actually abuse.
If the revocation id is not very cache-friendly, then it could be as granular
as a message-id.
This approach of using a message-id would be less cache-friendly, but
would afford anonymity. Users may not have an account, and this too
could be a reason to use message-ids within the revocation-identifier
field. Limitations for this field would be a valid domain name label,
which allows ample flexibility.
For large domains however, having this field remain persistent
(associate with the user account), would offer a reduction in
expenditures when dealing with abuse. In the case of a persistent
revocation identifier, a single record could thwart a possible series of
abusive messages and still affect only the abusive user.
-Doug