Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles

On 5/25/2021 7:11 PM, Sam Varshavchik wrote:
> Dave Crocker writes:
>
> > Actually, no, that's not what I said.  Bad actors are always the first 
> > to adopt the newest anti-spam technologies, to abuse those 
> > unfortunates who interpret DKIM the way you described.
> > DKIM establishes a clean (noise-free) channel from the signer, which 
> > means that any assessment about them really is about them.  If they 
> > are bad actors, that is a lot easier to assess, as is if they are good 
> > actors.
> Ah, but the first paragraph's the rub. That's why I saw DKIM-Signature: 
> as a spam indicator: the bad actors' initial take-up of DKIM-Signature: 
> was quite noticable.
> That was definitely true at one point. Based on today's numbers that I 
> looked at the mainstream adoption of DKIM sadly diluted its early value 
> as a spam indicator, ironically.
You seem to have fixated on using the existence of a signature as 
indicating goodness or badness.  Since it isn't intended to do that, 
please stop casting the issue in terms of whether it accomplishes that.
One more time:

     1)  DKIM creates a noise free channel of mail associated with the 
signing identifier.
     2) A noise-free channel permits accurate assessment of the actor 
associated with the identifier.
     3) Assessment is a separate process from identification; DKIM does 
identification.


> You can't really have both. Either you "formulate your own criteria", or 
> you'll outsource your spam filtering.
Well, actually, you CAN do both, if you want.  But whether you can or 
not is irrelevant to any of the points I was making...
d/

--
Dave Crocker
Brandenburg InternetWorking
bbiw.net

_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp