--On 18 October 2009 20:55:38 -0400 Barry Leiba <[email protected]> wrote:
>>> That seems sensible to me. So lists should not forward email that >>> they're about to render 'discardable' by breaking the signature. >>> Instead, they should reject (5xx) or bounce (DSN) the message. >>> Presumably, a bank wants to know if it has a bad email address for a >>> customer. >> >> Yep. >> >>> Of course, if you >>> aren't going to break the signature, or are rewriting the From: address, >>> then it's OK to forward the email. >> >> Probably. > > Hm. > > It's been suggested (often) that a major use case for "discardable" is > a bank sending a bank statement, or the like. Going by what's said > above, if the bank somehow gets a mailing list address instead of my > correct email address, it will behave this way (slightly > oversimplifying to make a point; please bear with that, because this > is a valid example): > > - If the mailing list is configured to prepend "[Listname]" to the > subject lines, then it will reject the message, and the bank will know > there's a problem. > > - If the mailing list is NOT configured to change the subject lines, > then it will accept and forward the message. The bank will not know > there's a problem, and my bank statement will be forwarded to the > whole mailing list. Right. One needs to take more care about the addresses that one gives to one's bank. Don't forget that, for most lists, the bank's email address would also need to be subscribed to the list. For an *announcement* list, even that's not good enough. > It seems wrong that the behaviour with an ADSP-compliant mailing list > should depend upon whether the list is configured to alter the subject > line or not. I suggest that ADSP-compliant mailing lists should be > advised to reject "discardable" messages whether or not they will be > breaking the signature. That's not, afaiks, required or even implied by the RFC. Another feasible use case would be an emergency alert system, in which it's important that the content isn't changed. So, we'd be using ADSP to ensure the integrity of alerts. Perhaps there's a case for adding tags to allow domains to advertise whether their concern is privacy, integrity or both, perhaps "dkim=discardable-privacy", "dkim=discardable-accuracy", "dkim=discardable-privacy,accuracy". > The point here, I suppose, is that forwarders that are meant to > forward to a single individual (as happens with my > <[email protected]> address) are one species, and should get one > set of advice, while forwarders that are meant to fan out to multiple > recipients (as with mailing lists) are a different species, and should > get different advice. And that latter advice very much depends upon > what we mean "discardable" to be for. > > Barry > _______________________________________________ > NOTE WELL: This list operates according to > http://mipassoc.org/dkim/ietf-list-rules.html -- Ian Eiloart IT Services, University of Sussex 01273-873148 x3148 For new support requests, see http://www.sussex.ac.uk/its/help/ _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
