>> I agree it's hypothetically possible, but have you ever seen an actual >> need for this in practice, a list where the recipients filter out >> messages that a more competently managed list would have rejected? > >I've seen spam posted to mailing lists. Recently, I've seen lists targetted >in more intelligent ways by spammers. For example, by using sender >addresses in the domain of the list (quite a useful way of attacking >academic lists, which tend to have lots of local users, but some non-local).
I believe it. Are you saying the list managers make no effort to keep the spam out of their lists? Remember that every change to list software that might be useful to let recipients identify spam that leaks through a list could be used to keep the spam from leaking in the first place. Why go to extra effort to push the work out to the subscribers? Also, re your other discussion about list authentication, you're right, we don't know what authentication lists do on their contributors, but DKIM doesn't help there since DKIM most definitely never says that the From: address is "real". If you want strong sender authentication, we already have S/MIME, and I wouldn't be surprised if there were list software that could use it. R's, John _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
