[ietf-dkim] open-source IP Address reputation-building engine?
iane at sussex.ac.uk
Fri Jul 16 09:40:29 PDT 2010
--On 16 July 2010 08:40:55 -0700 Douglas Otis <dotis at mail-abuse.org> wrote:
> On 7/16/10 7:11 AM, Ian Eiloart wrote:
>> Yes, but why ask on a DKIM mailing list? I speculate that Dave wants
>> to modify it to build a reputation engine based on Author address, for
>> DKIM signed messages. With that, you don't have to forgive bad apples
>> just because they share an IP address with lots of good senders. Add
>> in reputation for envelope sender addresses when SPF passes, and you
>> have *per sender* reputation database for (for us) the majority of
>> inbound mail (that's passed IP reputation tests).
> Clearly, your suggestion is not related to DKIM, which makes no identity
> claim beyond the signing domain.
But, if I get an email purporting to be from a gmail account, and it's
signed by the gmail.com domain, I reckon I'm going to assume that its safe
to apply a reputation score to the sender address.
My suggestion has nothing to do with ADSP, or unsigned messages, and
everything to do with email that carries a good signature. About 80% of
signatures that I inspect are good.
IT Services, University of Sussex
For new support requests, see http://www.sussex.ac.uk/its/help/
More information about the ietf-dkim