On 8/29/2023 7:46 PM, Grant Taylor wrote:
On 8/29/23 9:02 PM, Dave Crocker wrote:
Why not re-use the existing DKIM solution, just with a different
domain / set of keys?
Because it does not provide the affirmative information that I am
postulating/guessing the originating platform can supply.
Let a domain establish a bad reputation. Especially if it's being
used for sending messages that are considered to be questionable.
Establishing a reputation takes time. The likely behavior of a bad
actor is within a very short time-frame.
And it is a single account, not the entire domain, that is the problem.
Plumbing historically has had clean water and waste water.
The behavior of spammers is not as discrete or as stable as your example
requires.
3. Receiving hosts can take this as a flag for extra caution. The
damn thing still gets to victim platforms, but those platform have a
bit more information to factor in.
I feel like this falls back to a priming problem of who sends the flag
because not enough people are checking for it and not enough people
will check for it because not enough people are sending it. What's
more is that this is going to be viewed as some as tantamount to
$SO_AND_SO is sending $SPAM, see they even tag it as such.
The nature of a collaborative mechanism is that, yes, both sides have to
adopt it. Adoption takes time.
The upside of the model I'm suggesting is that a) it's pretty cheap, and
b) it's likely to be useful to a relatively, small set of very, very
valuable domains. So it does not have to gain widespread adoption on the
origination side, to be useful.
DKIM, SPF, et al, are all 'collaborative' mechanisms. Originators and
receivers opt in to use them. Both sides are necessary. So I'm
wondering about looking for something the furthers the collaboration.
Or re-use the existing systems that are already in place and being
used by much of the email community.
Just use different domains / keys to indicate different things.
No new standards. No new code. No new config.
And no new information. Hence, current mechanisms only, which are not
all that successful for this problem.
Maybe I'm too salty for the end of a long day, but I feel like this is
in some ways "nothing new to see here, move along".
That view has been constantly asserted here, by some folk. Why anyone
believing that continues to participate in this effort is a mystery.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
mast:@[email protected]
_______________________________________________
Ietf-dkim mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf-dkim
