[ietf-dkim] A proposal for restructuring SSP
Damon
deepvoice at gmail.com
Sun Jan 27 21:00:38 PST 2008
> You set your MTAs to sign the mail going out. It arrives other
> places, and they say aha, it's from Cox, they're OK so I'll treat it
> favorably, without having to worry about who's on the From line. (Or
> they might say, it's from Cox, they stink, but there's not much you
> can do about that.) Assuming that people believe that Cox's mail
> system is well run, your signature is all they need to link the mail
> with you.
>
> R's,
> John
>
Pipe-dream. I am flabbergasted. Bad people sign up for accounts
everyday and in this case, they would get to generate signed mail
until they get shut down. How is this any different than how things
are today? I would dare say it might even get worse. It says to me- I
can't trust the signature. This does absolutely zero in helping to
trust a domain. Not only that, all of a sudden we have reputation
batteries required again. Even if the system is well run, which I am
sure that it is, as is mine, the idea put forth that this is somehow
tied to reputation is ludicrous. Bill, from now on, if you have a
spammer who gets an account, I am going to hold you and your entire
ISP responsible... I know you did it, I have your signature right
here.
Regards,
Damon Sauer
More information about the ietf-dkim
mailing list