On Tue, Dec 13, 2022 at 5:00 PM Michael Thomas <[email protected]> wrote:
> On 12/13/22 6:35 AM, Murray S. Kucherawy wrote:
>
> This tactic appears to me to have three problems: (1) negative reputations
> are of little value to receivers, because attackers can easily shed them;
> (2) if I have to remember everything with a negative reputation for some
> undetermined period of time, I now have a resource problem; (3) I can just
> not sign my mail, because maybe no reputation is better than a negative one.
>
> I don't understand #1. As in they can move to another service? Or what?
>

Right. IP address gets a bad reputation? Move to another one. Domain
blocklisted? Register another one. etc. Any bad reputation is trivially
exchanged for a neutral one. That leaves us in a world where only positive
reputations are meaningful, and presumably once you have one you'll work to
protect it.

> As for 3, it's pretty easy to cons up a new domain with fresh neutral
> reputation and still enjoy the supposed benefit of mail being signed for
> a while. If you factor SPF in though it probably gets harder because now you
> need not only a new domain, but the underlying network connectivity to
> avoid detection.
>

Yep, but if a receiver values DKIM more than SPF, for instance, then maybe
they're willing to forgive that lack of support. Maybe the forwarding
problem bugs you enough that you're forced into such a position, for
instance.

> Which brings up a question: even though they pass on DKIM they should
> fail on SPF, right? For transactional email that seems like a big old red
> flag, right?
>

Yes, but that doesn't work for all applications or flows. It depends on
what tolerances work for your use case and your users.

> In both cases you need to keep track of both as somebody with a bad rep
> might get better and one with a good rep might get worse, right? That is,
> this isn't static. Preferential of course is pretty subjective. I suspect
> that most of these filters operate much like spamassassin which gives
> weights to various factors, so good and bad are both useful.
>

Sure, but on my email, I would like you to have only positive signal, to the
extent I can control that. Or, at least, as little negative signal as
possible.

-MSK
_______________________________________________
Ietf-dkim mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf-dkim
