Perhaps we should work backwards, what are the mechanisms for DKIM compliant mailing lists? If a signed message arrives and SSP says 3rd party allowed, evaluate resign send If evaluate fails bounce without propagation If no sig and policy says "I sign all" bounce message If SSP states "I only sign" forward without adding list signature or bounce message Myriad other possibilities Bill Oxley Messaging Engineer Cox Communications, Inc. Alpharetta GA 404-847-6397 [EMAIL PROTECTED]
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Delany Sent: Saturday, August 05, 2006 12:47 AM To: [email protected] Subject: Re: [ietf-dkim] A more fundamental SSP axiom On Sat, Aug 05, 2006 at 01:41:39AM -0000, John Levine allegedly wrote: > >> So if I set a policy of "I sign all", and a mailing list mangles > >> it, what exactly is the mailing list receiving the bounce going to > >> do? Blackhole it? Bounce the user off the list? Anything useful > >> whatsoever? > > >That's a matter between the "I sign all" and the list. I would say > >that if it hurts, don't do it. > > No, the sensible user will accept all the mail from the list. With Well maybe, but that's not the intent of my style of "I sign all". If "I sign all" I would much rather no one accept a mail purportedly from me that doesn't verify. Why would an "I sign all" domain want mail accepted that can't be proved to be from them? But them I'm missing this whole "list" issue. It seems to me to be largely a red-herring because the size of the intersection of "I sign all" traffic and DKIM-unaware Lists is pure speculation at this stage. Mark. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
