[ietf-dkim] DKIM on envelope level
Ian Eiloart
iane at sussex.ac.uk
Mon Nov 2 03:20:35 PST 2009
--On 30 October 2009 19:52:54 +0100 Eliot Lear <lear at cisco.com> wrote:
>
> I can't say, but I do know that many of us toss a whole lot of mail at
> EHLO, some at MAIL FROM:<> and some at DATA. The idea I was thinking
> about was whether it provides any value whatsoever to at least know that
> you are authentically dealing with a legitimate source sooner, without
> having to send even a whole header.
Yes it would help, but probably not more than an SPF pass would help. What
do you get from that? Well, you can check the reputation of the MAIL FROM
address. You can defer content scanning, and do it post SMTP because you
can safely generate a bounce message if you've verified the MAIL FROM
address.
Given that 90% of the messages that pass through my content scanners are
accepted, that means that I'd reduce the live load on my content scanners
by 90% if all the good guys were properly identifying themselves. Having
said that, SPF passes would do the job much of the time.
I don't imagine that there's be much benefit in inspecting the headers
before accepting the body, though.
--
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/
More information about the ietf-dkim
mailing list