[ietf-dkim] the danger of ADSP, was list vs contributor
mike at mtcc.com
Wed Jun 2 16:39:46 PDT 2010
On 06/02/2010 04:25 PM, Steve Atkins wrote:
> On Jun 2, 2010, at 4:10 PM, Michael Thomas wrote:
>> On 06/02/2010 03:47 PM, Douglas Otis wrote:
>>> On 6/2/10 2:43 PM, Michael Thomas wrote:
>>>> Instead of kvetching about ADSP, you might tell the list owners that their
>>>> list software heuristics are broken.
>>> Mailing lists are on higher ground, since they are not introducing the
>>> new mechanism.
>> When we let existing heuristics dictate what we can design on the net, then we have
>> failed. Heuristics by their nature are then things that need to deal with their own
>> shortcomings. The problem here is not with ADSP. It's bad assumptions made by heuristics.
> The "heuristic" here is that a 5xx ESMTP response means that the
> recipient is rejecting email from the sender, I believe. It's not really
> an obscure bit of existing practice, rather it's both "best" and "common".
No. The heuristic is "because I got a reject(s) from this subscriber delivering
his list mail, I'm going to kick him". That's a heuristic. It's not working right.
You could probably get the same bad outcome with a determined attacker not using
ADSP at all.
More information about the ietf-dkim