[ietf-dkim] Re: the more reliable signature fallacy
Frank Ellermann
nobody at xyzzy.claranet.de
Thu Jan 24 07:39:14 PST 2008
Michael Thomas wrote:

> With SPF you had the lure of doing all of your work at the 2821
> layer. That is, reject things before you've read the message.

Receivers can read the DATA and still reject a "FAIL", for SSP,
SPF, and PRA. Better than the lure to accept mails on probation,
a receiver deciding that it's "likely" spam post-SMTP is trapped:
Bouncing is bad, but dropping is also bad (for false positives).

Bouncing is okay for an SPF PASS, reinforcing the way SMTP
was designed in RFC 821. On the other hand SSP is a new concept:
Many users won't like it if they can't use "their" From-address
in places where it used to be okay before SSP restricted it, and
other users might also be surprised if "resend" requires keeping
the DKIM-signature valid for an SSP-protected From-address.

I'd consider a MUA as broken if it breaks an existing signature
for resent mail, but I can't judge how realistic my expectation
is - for starters I never used a MUA that supports resending mails.

> This seems a lot more sensible and prudent to me as you're not
> elevating SSP to Silver Bullet status which is always suspect.

When receivers drop false positives they might find themselves
looking for a "prudent and sensible" court of justice. No SSP
problem, rejecting "suspicious" (non-compliant) mails is okay.

Frank