--On 27 September 2010 11:39:43 -0700 Dave CROCKER <[email protected]> wrote:
> > > On 9/27/2010 11:04 AM, Murray S. Kucherawy wrote: >>> From: [email protected] [mailto:ietf-dkim- >>> [email protected]] On Behalf Of John R. Levine > ... >>> It is not my impression that they all do the full DKIM validation while >>> the SMTP session is open. Mine doesn't. >> >> The milter-based ones like OpenDKIM and dkim-milter do. > > > It's been a significant revelation, for me, to realize how common it is > for DKIM processing to occur during the SMTP session. > > So SMTP issues reduce to finding ways of preventing the cross-net > transfer of data or even of preventing the SMTP session. Oddly, I think > the latter is more feasible than the former. Actually, it's not the traffic that I see as the problem. It's the amount of processing that is performed on the body of the message. We already use SpamAssassin and ClamAV on every message that we accept, and that's way more effort than a DKIM verification. However, with Spamhaus' new DKIM/domain and IP whitelists, I expect to be able to reduce the SpamAssassin scanning (we'd never fail to use ClamAV), once we have confidence in the whitelists. Therefore, I expect to be able to reduce the load on our hosts when good DKIM signatures are present. For domains like gmail.com, I'm considering working on rate-limiting by author address. Of course, the rate limit would be different for a message with a dkim pass. -- Ian Eiloart IT Services, University of Sussex 01273-873148 x3148 For new support requests, see http://www.sussex.ac.uk/its/help/ _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
