Steve Atkins wrote: > > On Dec 7, 2007, at 9:20 AM, Scott Kitterman wrote: > >> On Friday 07 December 2007 12:00, John Levine wrote: >>>> If you believe that any random MTA has an equal right to emit mail >>>> claiming to be from my domain, then I think there's little left to >>>> discuss. >>> >>> Twisting other people's arguments to make them sound absurd is not >>> helpful. >>> >>> For example, since you want to forbid all third parties from sending >>> mail, please explain why you want to forbid newspaper mail-to-a-friend >>> services. Why are you opposed to press freedom? >> >> Nothing says they have to use my domain name to do it. It's completely >> orthogonal to the point. >> >>> PS: The non-absurd version of this is, where did we conclude that the >>> DNS operator's rights to a domain name always trump every other >>> possible use? >> >> I disagree. What I stated is the logical conclusion from the statement. >> Either domain owners have the right to control the use of their >> domain names >> in email or they don't. >> >> If they do, then Mike's point stands. >> >> If they don't, then phishing is inherently OK. There really is no >> middle >> ground. > > Fallacy of the excluded middle. > > Just because it's OK for people to use some variant on a webmail > interface to send mail "from" their email address does not make it > OK to criminally steal passwords or credit card details.
Some domains don't sanction the use of outside services to send mail "from" their domain, and have terms of use requiring the use of their domain's own mail servers to send mail. This is becoming increasingly commonplace in the corporate world. If you want to forward a news article, you're welcome to do so using your personal email address. Domains lacking "terms of use" requiring the use of their own mail servers (which presumably would sign outgoing mail), should not publish SSP other than "unknown", because it is perfectly within a user's rights to send mail using means that wouldn't get it signed. It would be helpful to have this expressed in the Development/Deployment/Operations document. -Jim _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
