On Sat, 2007-01-20 at 13:17 -0500, John L wrote: > > Why strengthen a bad statement that attempts to declare DKIM is to be > > done only at the MTA? > > Nobody's made such a statement. I don't understand the point of spending > the group's time arguing about a straw man.
I do not agree at all. [In particular, deferring verification until the message is accessed by the end user is discouraged.] Removing unnecessary language in this statement leaves: "In particular, verification by the end user is discouraged." Any verification at the MUA would be deferred in comparison to being done within the SMTP session. The MUA is where end-user verification would occur, and any verification not made within the SMTP session MUST be considered deferred. Most recipients will not fetch graphical images referenced by messages from unknown originators to prevent leaking information and to prevent DDoS exploits. It is not safe to assume DKIM verification should be done at the MTA for every message. Such a strategy would clearly indicate which clients succeed in getting past initial screening defending DKIM verification and allows for DDoS exploits. Something like a DAC list can serve as a prerequisite for DKIM verification at the MTA. Being on a trusted list is perhaps the _only_ safe instance where DKIM verification should occur at the MTA. When done in this limited fashion, DKIM can be used to avoid identifying messages as spam due to their volume, or avoid identifying messages as a phishing attempt. DKIM prevents false positive rejection of trusted sources for more stringent filtering. All messages, whether verified by the MTA or not, SHOULD be verified at the MUA when applying annotations. Verification at the MTA or MUA SHOULD be limited to messages containing trusted originators. Security is improved when not verifying messages having an unknown or untrusted originator. It is unreasonable to expect that DKIM is useful for rejecting spam. DKIM provides a safe basis for annotation that ensures a message is from a trusted source, and DKIM minimizes false positive filtering. The erroneous concept that DKIM provides a basis for rejection is likely the _only_ justification that could be used to support the very bad statement added in the latest draft. -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
