[ietf-dkim] New Version Notification for draft-levine-dbr-00 (fwd)
Douglas Otis
dotis at mail-abuse.org
Tue Jun 22 12:04:58 PDT 2010
On 6/22/10 9:46 AM, J.D. Falk wrote:
> On Jun 21, 2010, at 1:00 PM, John R. Levine wrote:
>
>
>> As threatened, here's an I-D that says how one would publish a list of
>> domains for which it makes sense to discard unsigned mail.
>>
> Looks like a good start, and almost shockingly simple. Any MTA/MFA support yet? *grin*
>
If only it was simple. How do you envision the VBR scheme offering
protection for phished domains?
ADSP imposes a specific Author Domain policy related to DKIM.
Whereas, the VBR-Info header might apply against _ANY_:
i) DKIM signature domain, or
ii) Return-Path, or
iii) PRA. (from, sender, resent-*, etc.)
Except for Author Domains, these other domains are typically not visible.
Vouching information from a service selected by a vbr-info header can
now include a discard recommendation, in addition to good/bad ratings used
to adjust spam scores.
Without a DKIM signature, the vbr-info header can include anything, and
make use of recycled domains in any of a number of invisible domains,
such as the return-path, resent-sender, etc.
How would a vbr-info header and an additional discard status mitigate
abuse when it can be based on many invisible domains?
How will discard be different from returning extremely negative ratings?
The duration of domains used to phish is often measured in hours, where
an arbitrary use of path registration will not protect phished domains.
Whack-a-Mole does not work very well.
What protection will a Resent-Sender header offer when mitigating a
phishing problem?
Isn't vouching and reputation outside the DKIM WG?
BTW, does MFA mean Mail Forwarding Agent?
-Doug