> > What I'm trying to asses is do you query the DNS for every signed > message that is reported, or only for the ones which have a domain or > d= that is registered with you to receive ARF reports. > I was under the impression that the goal of this discussion was to remove the need for an FBL registration process.
You would query for every report concerning a domain that meets your trust/reputation requirements if you have any. > Also this would add one DNS query to the set of queries. It is > additional resources. It would add one query, or possibly more depending on how delegation works. > > It may be early, but just trying to asses what is the least costly for > the reporter. > > > > > We currently send reports to over 80k domains. I would wager that the > > domains who currently sign are a subset of those (spammer domains > > included), but if someone actually wants me to dig around to prove it I > > suppose I can. Going forward, domains that care enough to sign their > > mail will care enough to want abuse reports. > > > > > On privacy issues, some ARF processors strip the report from any > > > potential user identification, To: Message ID, email in the content > > > etc... > > > > That's to protect the privacy of the reporter, not the privacy of the > > message author. You would be surprised how many folks on shared IP > > addresses try to get an FBL for the entire IP address instead of just > > their domain. DKIM based FBLs should clear up that specific issue, but > > I'm sure there will be some new 'gotcha'. > > > correct, I mean I agree, but you know also that in the case of mailing > lists, the sender puts a fingerprint to circumvent this anonymization > process, otherwise, the report would be mostly useless. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
