[ietf-dkim] Re: reductio ad hominem
Steve Atkins
steve at blighty.com
Fri Dec 7 10:17:49 PST 2007
On Dec 7, 2007, at 9:58 AM, Jim Fenton wrote:
> Steve Atkins wrote:
>>
>> On Dec 7, 2007, at 9:20 AM, Scott Kitterman wrote:
>>>
>>> If they do, then Mike's point stands.
>>>
>>> If they don't, then phishing is inherently OK. There really is no
>>> middle
>>> ground.
>>
>> Fallacy of the excluded middle.
>>
>> Just because it's OK for people to use some variant on a webmail
>> interface to send mail "from" their email address does not make it
>> OK to criminally steal passwords or credit card details.
>
> Some domains don't sanction the use of outside services to send mail
> "from" their domain, and have terms of use requiring the use of their
> domain's own mail servers to send mail. This is becoming increasingly
> commonplace in the corporate world. If you want to forward a news
> article, you're welcome to do so using your personal email address.
That's quite true, though not relevant to the comment you're replying
to.
> Domains lacking "terms of use" requiring the use of their own mail
> servers (which presumably would sign outgoing mail), should not
> publish
> SSP other than "unknown", because it is perfectly within a user's
> rights
> to send mail using means that wouldn't get it signed. It would be
> helpful to have this expressed in the Development/Deployment/
> Operations
> document.
Yes. That sounds like a good thing to have recorded somewhere.
It wouldn't be just "their own mail servers", it would also be those
they'd authorized to send dkim-signed mail on their behalf by one
or other of the usual methods.
Cheers,
Steve
More information about the ietf-dkim
mailing list