Hi,
We've been discussing mailing lists over on the ietf-dkim mailing list, and
the issue of when a receiving MTA should trust mail from a list.
I had an idea, though it's only vaguely formed:
It would be nice if a list server would verify subscription requests using
OAuth, Windows Live ID Delegated Authentication, or similar. Perhaps
instead of the usual verification by email. If
<http://fingerprintapp.com/email-client-stats> is accurate, that's about
35% of email users with Gmail, Yahoo, and Hotmail.
If that happened, then then the subscriber's mail system has a chance of
understanding that the subscriber has, indeed, subscribed to the list. At
that point, the receiving mail system might whitelist mail from that list,
provided that it had a good DKIM signature, or an SPF pass, perhaps.
One might even build some sort of federated list management infrastructure,
so a user could go to one site to manage all their Mailman3 mailing list
subscriptions. With some kind of future standard, perhaps other MLMs could
join the party later.
--
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/
_______________________________________________
Mailman-Developers mailing list
Mailman-Developers@python.org
http://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives:
http://www.mail-archive.com/mailman-developers%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org
Security Policy: http://wiki.list.org/x/QIA9
