[ietf-dkim] SSP and mailing lists
johnl at iecc.com
Tue Sep 12 10:17:54 PDT 2006
>Maybe one solution to the mailing list problem would be to approach
>from a different angle. Would it be possible, for verification etc
>purposes, to consider mailing list traffic to have come from the
>mailing list not the person who submitted to the list?
That's the only sensible approach.
When I subscribe to a list, I do so because I want mail from the list,
and I have enough confidence that whoever runs the list will take care
to manage the traffic and keep the list worth reading. I may bozo
filter the occasional contributor, but that's because they're bozos,
not because they're forged. Lists have all sorts of way to verify
incoming traffic, from return address validation to challenges to
manual moderation. That's not going to change, although of course
DKIM will be a fine way to improve address validation on incoming
I have trouble envisioning a use model that demands that lists pass
through incoming signatures. As best I can figure it out, list
managers, who have spent the last decade developing ways to keep junk
off their lists, will suddenly give up, let the spam gush through
unimpeded, and list recipients will have to do all the filtering.
More information about the ietf-dkim