On Tue, 2006-08-08 at 04:55 -0400, Hector Santos wrote: > ----- Original Message ----- > From: "Mark Delany" <[EMAIL PROTECTED]> > To: <[email protected]> > > > I will say that that I think that John's DAC venture is exactly what > > we had hoped would be an outcome of this process. May there be many > > more DAC competitors emerging as DKIM is deployed. > > Mark, > > But will there be a standard? Market segment XYZ uses this? Market segment > ABC uses that? > > Will DKIM-BASE become a "Batteries Required" protocol?
Bad actors are able to sign with DKIM and establish any favorable policy. Good actors may be less inclined to assert the same policy when it might cause a percentage of their email to be rejected or discarded. Bad actors already expect many of their messages to be rejected, and don't care what happens when common services are used. A bad actor might try spoofing as a common service, but likely with less success. An alignment with the From, signing domain, and a policy record will not curtail spoofed return paths without also causing the loss of valid emails from good actors. A DKIM client policy may help, but not the DKIM From policy. Even here, there can be no absolute policy asserted without causing loss of email for a typical good actor. Don't expect the bad actor to care. Devising a set of obstacles through which email is to navigate will not eliminate a need to track source histories. Only this history curtails email from bad actors. When doing so, this history must track an unlimited number of domain names. White-listing may bypass some messages from the tracking process, however a growing percentage will be from a highly diverse array of domain names. Either the goal is to accept email from just the mega-domains (which will continue to have their abuse issues), or something is planned that is not apparent. The obstacle course favors the bad over the good actor. So don't throw out your batteries, they are still needed to retain your history information. -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
