On Sep 16, 2010, at 11:03 AM, Alessandro Vesely wrote:
> On 16/Sep/10 13:05, MH Michael Hammer (5304) wrote:
>> Ian, this makes no sense to me. If a signing domain is concerned enough
>> to choose to implement ADSP, why would they reduce what they are signing
>> to accommodate a small percentage of their mail going to MLMs that they
>> may or may not be able to identify? I don't remove the locks on my doors
>> because there is a possibility that someone might break one of my
>> windows.
>>
>> I've said it before and I'll say it again. MLMs are the tail, not the
>> dog. Don't wag the dog.
>
> Messages can also be replayed as-is, for the sole purpose of gaming the
> author domain's reputation. DKIM can sign To: and Cc:, but not Bcc:,
> and then these are not tied to the actual recipients list. This
> wagging is about delimiting message streams, hence it's not
> necessarily tied to MLMs only.

If this is primarily a workaround for perceived limitations of reputation systems, then I humbly suggest that the premise is invalid. Today's reputation systems aren't static; the operators are constantly changing them in reaction to what the spammers do. If the spammers start replaying DKIM-signed messages in order to game reputation systems, the operators WILL adjust. A scheme like this, rather than helping, may make those adjustments more complex and difficult.

Are there other use cases?

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
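
An added example, not part of the original thread: one way a receiving operator could surface the replay pattern discussed above, by counting, per DKIM signature, the envelope recipients that do not appear in the signed To:/Cc: headers. The record layout, function names and threshold are assumptions, the deliveries are constructed sample data, and signatures are assumed to have been verified already.

```python
import re
from collections import defaultdict
from email import message_from_string
from email.utils import getaddresses


def signature_value(msg):
    """Return the b= tag of the first DKIM-Signature header, whitespace removed."""
    m = re.search(r"(?:^|;)\s*b=([^;]*)", msg.get("DKIM-Signature", ""))
    return re.sub(r"\s+", "", m.group(1)) if m else None


def replay_suspects(deliveries, threshold=3):
    """deliveries: iterable of (envelope_recipient, raw_message).

    Returns {signature: sorted unlisted recipients} for every signature seen
    with at least `threshold` distinct recipients missing from To:/Cc:.
    Bcc and list expansion also produce unlisted recipients, so the
    threshold (an assumed value) has to be tuned per mail stream.
    """
    unlisted = defaultdict(set)
    for rcpt, raw in deliveries:
        msg = message_from_string(raw)
        sig = signature_value(msg)
        if sig is None:
            continue  # unsigned mail is out of scope here
        headers = msg.get_all("To", []) + msg.get_all("Cc", [])
        visible = {addr.lower() for _, addr in getaddresses(headers)}
        if rcpt.lower() not in visible:
            unlisted[sig].add(rcpt.lower())
    return {s: sorted(r) for s, r in unlisted.items() if len(r) >= threshold}


def _msg(sig, to):
    # Constructed message; the b= and bh= values are placeholders, not real signatures.
    return (f"DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel; "
            f"h=from:to:subject; bh=Zm9v; b={sig}\n"
            f"From: news@example.com\nTo: {to}\nSubject: hello\n\nbody\n")


M1 = _msg("AAAA1111", "alice@example.org")
M2 = _msg("BBBB2222", "bob@example.org")
SAMPLE = [("alice@example.org", M1), ("v1@example.net", M1),
          ("v2@example.net", M1), ("v3@example.net", M1),
          ("bob@example.org", M2), ("carol@example.org", M2)]

if __name__ == "__main__":
    print(replay_suspects(SAMPLE))
```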
