Michael Thomas wrote:

> With SPF you had the lure of doing all of your work at the 2821
> layer. That is, reject things before you've read the message.

Receivers can read the DATA and still reject a "FAIL", for SSP, SPF, and PRA. Better than the lure to accept mails on probation, a receiver deciding that it's "likely" spam post-SMTP is trapped: Bouncing is bad, but dropping is also bad (for false positives). Bouncing is okay for an SPF PASS, reinforcing the way SMTP was designed in RFC 821.

On the other hand SSP is a new concept: Many users won't like it if they can't use "their" From-address in places where it used to be okay before SSP restricted it, and other users might also be surprised if "resend" requires keeping the DKIM-signature valid for an SSP-protected From-address.

I'd consider a MUA as broken if it breaks an existing signature for resent mail, but I can't judge how realistic my expectation is - for starters I never used a MUA that supports resending mails.

> This seems a lot more sensible and prudent to me as you're not
> elevating SSP to Silver Bullet status which is always suspect.

When receivers drop false positives they might find themselves looking for a "prudent and sensible" court of justice. No SSP problem, rejecting "suspicious" (non-compliant) mails is okay.

Frank

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
