[ietf-dkim] Re: DKIM Interoperability Event notes
Hector Santos
hsantos at santronics.com
Thu Nov 8 16:54:11 PST 2007
Hi Frank,
Well SOFTFAIL has similar implementation issues. But I was specifically
talking the similar t=y "I am in testing mode, so IGNORE any possible
failure" mechanism for DKIM/SSP.
Our implementation ignored its in SPF, and if we implement DKIM/SSP, it
will be ignore there too.
The DKIM/SSPEC authors seem to take these real world concerns very
lightly, especially if you not within the "inner circle." So I will
just watch with optimism that sound engineering will eventually prevail.
It usually does. If not, well, DKIM is not the first worthless
protocol "thrown into the waste basket with full force." :-)
--
HLS
Frank Ellermann wrote:
> Hector Santos wrote:
>
>> based on SPF experience, since day one I have outlined on
>> numerous occassions how this is being ignored by some SPF
>> implementation
>
> If you're talking about SOFTFAIL I wonder what "ignored by
> some SPF implementation" means, does the code return FAIL
> or NEUTRAL instead of SOFTFAIL ? Or are you talking about
> receivers interpreting SOFTFAIL like FAIL or NEUTRAL ?
>
> RFC 4408 recommends a kind of "greylisting" for a SOFTFAIL,
> or flagging / scoring the mail as suspicious. If some SPF
> implementation "ignores" SOFTFAIL by returning a different
> result like NONE, TEMPERROR, NEUTRAIL, FAIL, or what else,
> it's broken.
>
> If a receiver treats SOFTFAIL like another result it's ok.,
> his server, his rules, "receiver policy".
>
> A publisher using SOFTFAIL over a long time will find that
> "interpreting SOFTFAIL as suspicious" actually means that
> SOFTFAILing mails could vanish in the black holes of "spam
> folders". It's dangerous to use SOFTFAIL over long periods
> of time, the likely behaviour of mail receivers is hard to
> predict for a SOFTFAIL, unlike FAIL. What Ebay and Paypal
> do is wrong, no doubt about it.
>
> Frank (certainly no SOFTFAIL fan)
>
> _______________________________________________
> NOTE WELL: This list operates according to
> http://mipassoc.org/dkim/ietf-list-rules.html
>
>
--
Sincerely
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
More information about the ietf-dkim
mailing list