reasons to ignore valid SSP (was RE: [ietf-dkim] Srsly.)
Steve Atkins
steve at blighty.com
Thu Jan 24 10:15:09 PST 2008
On Jan 24, 2008, at 10:09 AM, J D Falk wrote:
> Ellen wrote:
>
>> I still think there's a strong likelihood that receivers will choose
> to
>> use SSP selectively, i.e. to apply it only if their first level
>> reputation check on an existing signature does not meet their
> threshold.
>
> Why would anyone choose to accept and process a message when, as far
> as
> anyone can tell, the owner of the domain wants it to be rejected?
>
> ISPs aren't going to reclassify a message from "should be rejected" to
> "deliver to inbox" on a whim.
Sure they are.
ISPs are responsible to their customers, not the senders. They should,
and usually will, do what will make their customers happy.
As a concrete example, if the mail is coming from a known forwarder
(eg acm.org) or mailing list provider. Somewhere that is known to the
recipient ISP to not be a source of unwanted mail, and which may break
DKIM signatures. Most SSP fails in those cases will lead to rejection
of mail that is wanted by the recipient. Any responsible ISP will not
want to reject mail that is wanted by the recipient.
Cheers,
Steve
More information about the ietf-dkim
mailing list