On May 27, 2007, at 11:06 AM, SM wrote:
> I read your draft. I didn't see any section that indicates how it
> can mitigate replay abuse to accommodate mailing lists and forwarders.

Associating SMTP clients with the DKIM Domain provides a means to
extend replay abuse mitigation strategies and accommodate a greater
range of usage scenarios. This extension is able to cover cases
where the SMTP RCPT TO is not contained within the message. This
situation likely occurs with BCC, mailing-lists, and forwarded
messages. Granted, forwarding domains must be specifically listed,
whereas this scheme accommodates thousands without imposing
additional lookups.
The scheme proposed by DOSP could be revised to exclude the left-most
domain label in the hash to establish a type of shorthand. To limit
which hosts associate as an SMTP client, SMTP clients must then be
assigned a specific sub-domain.
For those domains where some hosts are not trusted, SMTP clients
would be placed within a sub-domain, for example 'mxo'.
host1.mxo.large-isp.com
host2.mxo.large-isp.com
...
The DOSP records could then include just the hash of
'mxo.large-isp.com'.
-Doug
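
The shorthand described in the message above, as an added example that is not part of the original post or of the DOSP draft: the receiver drops the left-most label of the SMTP client's hostname, hashes what remains, and looks that hash up among the listed ones. Assumptions: SHA-1 with hex encoding stands in for the draft's hash and encoding, the function names are hypothetical, and the client hostname has already been verified by the receiver.

```python
import hashlib


def parent_domain(hostname):
    """Drop the left-most label of a hostname; None if nothing usable remains."""
    name = hostname.strip().rstrip(".").lower()
    if not name.isascii():
        return None
    labels = name.split(".")
    # A bare label has no parent; empty labels mean a malformed name.
    if len(labels) < 2 or not all(labels):
        return None
    return ".".join(labels[1:])


def domain_hash(domain):
    # Assumption: SHA-1 hex digest stands in for the hash the DOSP draft specifies.
    return hashlib.sha1(domain.lower().encode("ascii")).hexdigest()


def client_is_associated(client_hostname, listed_hashes):
    """True if the hash of the client's parent domain is one of the listed hashes."""
    parent = parent_domain(client_hostname)
    return parent is not None and domain_hash(parent) in listed_hashes


# Constructed sample: only the SMTP-client sub-domain from the message is listed.
LISTED = {domain_hash("mxo.large-isp.com")}

# Constructed hostnames covering the cases the shorthand has to separate.
SAMPLE_HOSTS = [
    "host1.mxo.large-isp.com",    # outbound host inside the sub-domain
    "HOST2.MXO.Large-ISP.com.",   # same, with mixed case and a trailing dot
    "dsl-42.large-isp.com",       # untrusted host directly under the domain
    "mxo.large-isp.com",          # the sub-domain name itself, not a host in it
    "a.host1.mxo.large-isp.com",  # two labels deep: only one label is dropped
    "localhost",                  # no parent domain at all
]


def check_samples():
    return {h: client_is_associated(h, LISTED) for h in SAMPLE_HOSTS}


if __name__ == "__main__":
    for host, ok in check_samples().items():
        print(f"{host:28} {'associated' if ok else 'not associated'}")
```
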