On Mar 8, 2009, at 5:58 PM, Suresh Ramasubramanian wrote: > On Sun, Mar 8, 2009 at 8:58 PM, MH Michael Hammer (5304) <[email protected] > > wrote: >> Suresh, notwithstanding what some vendors might wish in terms of >> reputation, the case for ADSP is and always has been to leverage >> DKIM to >> be able to say "this domain signs all mail" in one way or another. > > That seems like an overly complex, rube goldbergish way to indicate > it. More like developing spf, with your sole reason being to publish > "v=spf1 -all" indicating that a domain never sends email. > > And it is still not something I would trust without confirmation and > verification out of band (this, having noticed more than one wrong spf > declaration that if we'd bothered to check on in our mailserver, would > have resulted in lost mail) > > Further, at least from my perspective, it is not something I would > bother to check for all but a few significant domains.
If you have a list of domains to check, you don't need any of the ADSP infrastructure, just require valid DKIM signatures for any mail coming from those domains on the list. So any use case that uses a list (private or public) of domains to apply the algorithm to is probably out of scope for ADSP. Cheers, Steve _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
