I don't quite understand your suggestion. Who is creating this DKIM=except-mail ADSP++ record? The Author Domain or the Mailing list Server? Who owns, creates, maintains, updates this Global White List you speak of?
Maybe you might want to write a IETF draft proposal to work out your thoughts. -- Michael Deutschmann wrote: > On Fri, 16 Oct 2009, hector wrote: >> [email protected] wrote: >>> But you don't need to be a vanity domain to *advertise* except-mlist, and >>> us vanity domains would appreciate it if you do. >> If you could Package this and provide it as a persistent protocol >> methodology for everyone to follow, then GO WEST!! > > The problem is that any solution that doesn't require the intelligence > typically only possessed by vanity domains, will require a global whitelist > of mailing lists -- so that spammers and phishers cannot make fake lists just > to use the back door. > > To improve upon except-mlist as I've described it, every mailinglist in the > whitelist must be unforgeable -- either via SPF, or a third-party DKIM. No > exceptions, since the public whitelist neutralizes the SbO advantage of the > vanity-domain approach. > > Then, we have the problem that a site can only publish > "dkim=except-mlist-on-global-whitelist" if it *knows* that none of it's users > subscribe to mailinglists unknown or unacceptable to the GW. > > So, we've then made a lateral move from a policy that can only be *applied* > by vanity domains, to one that can only be *advertised* by vanity domains.... > > It's still a worthy goal, which is why I've suggested that we also reserve a > namespace of policy names which devolve to except-mlist when not specifically > known to a validator. It just doesn't replace naked except-mlist. > > (Actually, I see one escape from the global whitelist -- a sender could > program his mailserver to recognize mail outgoing to trusted mailing lists > and use l=0 signatures in that case. But that is also practical only for > vanity domain senders.) > > ---- Michael Deutschmann <[email protected]> > _______________________________________________ > NOTE WELL: This list operates according to > http://mipassoc.org/dkim/ietf-list-rules.html _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
