[ietf-dkim] Is anyone using ADSP? - bit more data from the receiving side
iane at sussex.ac.uk
Wed Oct 14 04:52:38 PDT 2009
--On 13 October 2009 09:32:20 -0700 "Murray S. Kucherawy"
<msk at cloudmark.com> wrote:
>> -----Original Message-----
>> From: ietf-dkim-bounces at mipassoc.org [mailto:ietf-dkim-
>> bounces at mipassoc.org] On Behalf Of John R. Levine
>> Sent: Monday, October 12, 2009 7:24 PM
>> To: Daniel Black
>> Cc: ietf-dkim at mipassoc.org
>> Subject: Re: [ietf-dkim] Is anyone using ADSP? - bit more data from the
>> receiving side
>> I can assure you that Paypal and eBay are quite aware of DKIM and ADSP,
>> and I have personally heard them encourage ISPs to drop unsigned mail
>> purporting to be from them due to the amount of forgery. Nonetheless,
>> they don't publish ADSP. This tells me that I'm not the only one who
>> thinks that there isn't a business case for ADSP.
> Another data point: Google Mail won't use ADSP because they will not
> discard someone's mail outright without a written agreement from the
> sending domain agreeing to same, absolving them of responsibility for
> mail that never arrives.
You mean that they won't publish ADSP records? Or that they won't respect
any ADSP records? Or that they won't discard "discardable" messages?
Logically, none of these things follow. Publishing ADSP records doesn't
mean that Google will discard anything, though it does grant permission for
others to do so. They have lots of other things that they can do as a
result of ADSP fails. Presumably, they'd be more aggressive with
quarantining mail if there's an ADSP record that renders a specific email
discardable. Heck, they could even argue that publication of
"dkim=discardable" does absolve them.
IT Services, University of Sussex
For new support requests, see http://www.sussex.ac.uk/its/help/
More information about the ietf-dkim