[ietf-dkim] Fwd: Re: domain existence check
dotis at mail-abuse.org
Tue May 27 10:29:38 PDT 2008
On May 27, 2008, at 6:01 AM, <Bill.Oxley at cox.com> wrote:
> I am imperfectly signing messages with DKIM that I am sending via my
> home machine on a dhcp address purported to be from
> bill.oxley.home.com a vanity non existent domain. According to DKIM
> that message is to be treated as unsigned, why do you wish to drop it?
ADSP changes what is accepted over SMTP when implemented by receiving
hosts. Receiving hosts are free to verify that SMTP support records
exist when the receiving host wish to limit message-addresses to those
that might be supported by SMTP. This will not require most sending
domains to make any change. Perhaps there will be a few cases where a
"converted" NNTP (RFC3977) message has been issued by a domain that
does not support SMTP, or in your case from a made-up domain. The
otis-dkim-adsp draft does suggest that a message signed by an non-
Author-Key-Domain can still be used as a basis for acceptance.
Stringent tests are unlikely to be imposed by larger providers, at
least until abuse complaints exceed those of not receiving non-SMTP
messages over SMTP. This change will require time.
Expecting the rest of the world to publish records declaring SMTP as
not supported at every domain is unfair and also does not scale. The
ADSP discovery algorithm must be based upon positive assertions of
support for SMTP.
More information about the ietf-dkim