On 09/04/2014 08:57 AM, Daniel Thomas wrote: >> Sending *domain* not user. No spam filter I'm aware of tries to calculate >> inbound reputations on a per user basis. > > True. This is probably due to a number of factors (including not enough > per user data) but perhaps it would become possible if the sending user > could be authenticated to the recipient spam filter? DKIM and SPF only > really authenticate the sending domain as some domains allow users to > send email as if from other users at the same domain (they shouldn't but > it used to be possible here).
With DKIM, the provider can pick which headers it will sign (on an email by email basis). It is common for the "From" header to be signed when the provider requires authenticated SMTP and for the "From" header to match the authenticated user. But, yes, in general, email is a system of delegated reputation. My reputation as someone who wants to send email is entirely dependent on the reputation of my provider, who must aggressively police its users if it wants to keep that reputation. -elijah _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
