[ietf-dkim] more on discardable, was Lists "BCP" draft
dotis at mail-abuse.org
Wed May 26 14:03:49 PDT 2010
On 5/26/10 8:09 AM, SM wrote:
> Hi Doug,
> At 15:50 25-05-10, Douglas Otis wrote:
>> It should be possible for sending domains to detect mailing-list
>> conversations. When desired, they can then immediately publish
>> third-party authorization labels to allow ADSP exceptions. The
>> exception approach retains their ability to quickly mitigate any
>> reported abuse.
> I don't have a clue how to implement this. I can implement measures
> for the mailing lists I am subscribed to but it doesn't scale. Due to
> legacy reasons it would be impossible to "fix" the local-part anyway.
DKIM is a process handled by domain administrations, not individuals.
The third-party label authorization method scales to _any_ practical
level, and allows domain administrators a means to unilaterally resolve
reported issues involving third-party services. Whether these issues
relate to abuse or to refused and missing messages, the third-party
authorization scheme offers an easy and low overhead solution. Perhaps
in the future, mailing-list subscription acknowledgments could be
standardized to trigger any needed third-party authorization.
Of course, there should be facilities, such as user web pages, to deal
with potential refusal issues proactively. Exchanges of DKIM keys with
any number of third-party services clearly do not scale, nor would this
> The short answer I would give is that it is not possible for the
> signer to detect mailing list conversations.
When the domain administration receives DSNs or MARFs indicating a
problem, they should also be able to recognize whether it involves a
trusted third-party service based upon content. A third-party
authorization method offers a practical means to extend ADSP "all" with
a method to mitigate possible disruptions. IMHO, "discardable" should
be limited to domains not sending mail.
As a side note:
Rather than using ADSP "discardable", it would be better to mandate
the use of MX records. BNAME zones will soon make the use of address
records to discover MTAs impossible. As such, the Address Record
discovery should be deprecated.
Not delivering non-ADSP compliant email protects recipients, especially
those sorting From headers, which is a technique that offers protection