On Tue, 23 Aug 2005, Keith Moore wrote: > > If you put signing domains in the position of accepting responsibility for any > type of abuse, you do several things. One is that you make it more difficult > for domains to justify signing messages. And because "abuse" is subjective > (one recipient's spam is another recipient's useful ad), you end up both > legitimizing some amount of abuse and marginalizing useful and valid behavior.
I don't think your conclusion is correct. The current situation is that IP addresses are used to identify accountable entities in email, and there's no formal classification of IP addresses into email servers or end-user systems or whatever. Recipient sites can choose from a wide range of blacklists which implement various policies according to how strict they want to be along various dimensions. I don't see any clear signs of the convergence to mediocrity that you are concerned about, except to the extent that we can't accurately identify an accountable entity (e.g. it's an ISP's relay so we can't identify which customer it is) or heavy-handed use of dial-up lists (though zombie identification is replacing that technique). However I'm not arguing against some kind of signer-role tag in the signature. This could be a useful nuance, because (for example) the signatures on messages from my submission servers will be much stronger than those from my outgoing relays, because in the former case we are able to enforce proper authentication and identification of the submitter in the message. Tony. -- f.a.n.finch <[EMAIL PROTECTED]> http://dotat.at/ BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT FIRST. MODERATE OR GOOD. _______________________________________________ ietf-dkim mailing list http://dkim.org
