On Jun 2, 2010, at 4:42 PM, John Levine wrote: >> This suggests attempting an exercise. The exercise is to try to document >> the >> boundaries for using ADSP. It requires being careful in describing failure >> scenarios and careful is assessing their likelihood. >> >> As for attempting careful caveats so far, they are scattered around: >> >> <http://dkim.org/specs/draft-ietf-dkim-deployment-11.html#rfc.section.7.3> > > We put some warnings in RFC 5617, Appendix B, including this one: > > B.5. Domains with Independent Users and Liberal Use Policies > > When a domain has independent users and its usage policy does not > explicitly restrict them to sending mail only from designated mail > servers (e.g., many ISP domains and even some corporate domains), > then it is only appropriate to publish an ADSP record containing > "unknown". Publishing either "all" or "discardable" will likely > result in significant breakage because independent users are likely > to send mail from the external paths enumerated in Appendix B.1.
It would be interesting to see the result of someone publishing ADSP records following the advice in that document. It'd be a good first step on looking at operational experience. Cheers, Steve _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
