[ietf-dkim] list vs contributor signatures, was Wrong Discussion
Ian Eiloart
iane at sussex.ac.uk
Wed Apr 28 04:54:27 PDT 2010
--On 27 April 2010 12:34:56 -0400 "John R. Levine" <johnl at iecc.com> wrote:
>
> Most lists will break signatures, for a variety of reasons that aren't
> going to change, starting with subject line tags. If the signature is
> broken, you need something else so the list can assert that a message was
> signed when it arrived. But such assertions are only credible if the
> list itself is trustworthy. If you already know you trust the list, how
> much practical benefit is there to the assertion?
Not much. It seems to me that the best application of DKIM here would be to
ensure that posters to closed lists are (likely to be) who they say they
are.
For example, a user could assert that all their posts will be signed, or a
list manager could assert that only signed emails will be accepted from
certain domains.
I manage a list server that is frequently spammed. Not much of the spam
gets through, but occasionally a spammer gets lucky and picks a sender
address that gets through.
--
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/
More information about the ietf-dkim
mailing list