[ietf-dkim] SSP and mailing lists
Douglas Otis
dotis at mail-abuse.org
Tue Sep 12 05:41:45 PDT 2006
On Tue, 2006-09-12 at 11:20 +0100, Graham Murray wrote:
> Maybe one solution to the mailing list problem would be to approach
> from a different angle. Would it be possible, for verification etc
> purposes, to consider mailing list traffic to have come from the
> mailing list not the person who submitted to the list? So, taking this
> list as an example, the checking, reputation etc would be done on
> 'ietf-dkim at mipassoc.org' not on the individual submitters.
Evidence that a message is from a mailing-list, or that the message has
been signed, is not apparent without examining headers that few ever
see. Most MUAs display the From, To, CC, and Subject. Only some
attempt to show the Sender header in some fashion. None of these
headers are ensured to represent the actual originator of the message.
If there is to be some added annotations, what should they be?
When the DKIM header verifies, assures a specific email-address, and
this assured email-address is recognized based upon some retained
email-address via a list or address-book, mark the message accordingly.
Reputation can be considered an orthogonal issue to that of a recognized
identity.
-Doug
More information about the ietf-dkim
mailing list