On Sep 13, 2010, at 2:38 PM, Murray S. Kucherawy wrote: > I don't have specific data, but since ADSP is so controversial and no > third-party authorization mechanism has been endorsed so far, my guess would > be that there are only two possibilities: ESPs are signing using their own > domains to sign, or ESPs have customer key space delegated to them one way or > another. I don't have hard data about which is more prevalent, but we're > definitely seeing both in the stats reports I'm getting now.
I don't have specific data either, unfortunately, but I've talked with co-workers who work closely with ESPs. They say the former scenario where ESPs sign with their own domains is still more common, because in general ESPs are more authentication-savvy than their clients tend to be. However, a few ESPs do support the latter scenario of customers delegating keys, and more have talked about doing it as soon as their clients are ready. The ESP domain wasn't chosen because anyone thinks it's a better practice, however. It's because otherwise, they'd be sending unauthenticated mail -- and many in the ESP world fear disastrous deliverability consequences if they aren't fully buzzword-compliant. (Note that this is "ESP" defined as a company who sends bulk, often commercial email on behalf of other companies, not the older, more general sense of any entity who provides any service related to email.) _______________________________________________ dkim-ops mailing list [email protected] http://mipassoc.org/mailman/listinfo/dkim-ops
