Totally agree with you there, I run a mail server/monitoring server on OVH. With TLSA records, DKIM, and MTA-STS, I’ll still see junk filters on it if I accidentally email someone other than myself. Yes my space has been SWIP’d and I send so low email volume so it’s reputation would be neutral at best which very much justifies the spam filters due to OVH’s reputation. Somehow I don’t think SHAKEN/STIR would be any different.
I wonder how far this would go on VoIP transit. I purchase from voicetel.com <http://voicetel.com/> for my house, which purchases from some other providers, which probably aggregates to others. It doesn’t seem like this is quite as easy as looking up a whois from ARIN. Sincerely, Eric Tykwinski TrueNet, Inc. P: 610-429-8300 > On Mar 7, 2020, at 7:46 PM, John R. Levine <jo...@iecc.com> wrote: > >> Most DNS registers avoid verifying customer information as long as the >> payment clears (for a short time). DKIM (and DNSSEC) is built on top of >> trusting tokens from third-parties which disclaim all liability. > > Right. The only promise that DKIM makes is that if you have a stream of mail > signed by the same domain, you can praise or blame the same entity for it. > It's a handle that recipient systems can use to build a reputation system, > not a whitelist. DKIM has worked this way since 2006, the documentation is > entirely clear that's what it does, and I'm kind of surprised you haven't > gotten the memo. > >> Phone companies and advertisers have already demonstrated they can't be >> trusted to act as third-party introducers. > > No kidding. I've talked to people at big telcos who are in the middle of > STIR/SHAKEN and they tell me they plan to use it pretty much the same way > that mail providers use DKIM. Some senders will have a good reputation and > their calls will be delivered, some won't, and not so much. As with mail, it > also provides a handle to push back on people sending unwanted junk. > >> Eventually we'll have STE/STU-equivalent end-to-end verification on our >> smartphones. > > That's known not to work for e-mail spam, so I can't imagine why anyone would > expect it to work for phone calls. > > Regards, > John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for > Dummies", > Please consider the environment before reading this e-mail. https://jl.ly