On Sep 10, 2010, at 3:46 PM, Scott Kitterman wrote: > On Friday, September 10, 2010 06:37:46 pm Steve Atkins wrote: >> On Sep 10, 2010, at 2:31 PM, Scott Kitterman wrote: >>> >> >> I don't think it inoculates them against ADSP problems - rather >> it opens them up to violations of the security model that ADSP >> would like to impose. >> > This is only true if John is wrong and mailing lists are a vector that we > need > to worry about.
Doing what you suggest would avoid the problems of legitimate email being discarded due to ADSP/mailing list interactions at the cost of allowing phishers to send email "from" a sender violating the ADSP security model simply by pretending to be a mailing list. > I happen to generally agree with him on this. Me too. But you're breaking the ADSP security model for all email with your suggestion. Note that neither of the examples I gave involved me sending a phishing email via a mailing list. Cheers, Steve _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
