>If the above is possible, how should/can it be avoided? The usual approach is by using different domains. Disregarding the courtesy forwarding swamp, it makes sense for a bank to say that its transactional notices, e.g., "you're overdrawn", shouldn't be coming from any place but the bank, and shouldn't be appearing on mailing lists. On the other hand, it's perfectly reasonable for employees to be participating in work-related mailing lists.
Since there's different policies for transactional mail and mail from employees and DKIM's granularity is domains, if you want to use DKIM and SSP, you'd best send the transaction mail from one domain and the personal mail from another. I see banks doing this already. Even the small ones tend to have a bunch of domains for all the variants of their name. As others have noted, the current SSP is as much a straw man as a practical candidate for implementation. Maybe we'll find a workable way to get the granularity down lower, maybe we'll decide that the current granularity is OK, maybe we'll discover that we need something totally unlike SSP. But we don't need to solve any of this now. R's, John _______________________________________________ ietf-dkim mailing list http://dkim.org
