Harry,
[snip]
trusted-forwarders.org is such a whitelisting service, and it seems to
work.
This may be a fine list during early development or beta testing. But
are you suggesting this needs to be a permanent part of the MARID
solution? Based on the experience of similar list providers, I would
guess that both DDOS attacks and litigation will follow.
This is an interesting point. I'm not sure what a DOS against such a
service would accomplish - apart from causing a certain level of failure
for messages which would otherwise have been accepted. It certainly
wouldn't (directly) cause more unwanted mail to be allowed through. IANAL,
but I'd be fascinated to see the matter of any claim brought against a
*whitelisting* service. Do you have any references to such action to hand?
As for providing a mechanism for including "external references"
to "reputation" or "accreditation" services in MARID-dependent schemes
(either in publishing or in the recommended algorithm for evaluating
messages), some think it a good idea. Personally, I'd consider it more a
matter for local policy. But I'm easily persuaded, especially as such
mechanisms might address (what's been identified as) the forwarding issue.