[ietf-dkim] FW: An issue with DKIM reporting extensions
Rolf E. Sonneveld
R.E.Sonneveld at sonnection.nl
Wed Oct 13 08:07:34 PDT 2010
On 10/13/10 3:29 PM, John Levine wrote:
>> - In order to make use of ADSP, Y needs to change which MTA it's
>> using. This is almost certainly an expensive effort.
>> - Y simply can't use ADSP.
>> - The DKIM reporting extensions should have a flag that says DSNs
>> should not cause generation of fraud reports.
> I'll take "none of the above", Alex.
Murray brought this up.
> I've seen a enough spam masquerading as DSNs that I really wouldn't
> want to give DSNs a free pass. I also think that history has not been
> kind to people who made permanent changes to standards to work around
> temporary software limitations. If the MTA can't sign its DSNs, that's
> a bug, no matter how popular it is.
From the ADSP all/discardable point of view this is a bug. Not signing
a message or DSN in itself is not a bug, of course ;-) Although we all
hope that there will be one day that signing with DKIM is the de facto
(or should we say de jure) standard and not signing with DKIM becomes a
> (Come to think of it, my MTA has
> the same issue, although since I will never publish dkim=all, it's
> not functionally a bug.)
> If people are serious about signing all their mail, they should sign
> all their mail.
We have seen ADSP can cause issues with MLMs. Now we see that it can
cause problems with DSNs (and feedback reports, see below) as well. This
is input to item 3. of the current charter.
> Maybe they'll switch MTAs, maybe their popular MTA
> will eventually fix the DSN signing bug, and then they can publish
Talking about fraud reports, let's not forget that these fraud reports
need to be signed with DKIM by every domain, that is publishing an ADSP
all or discardable policy. Of course DSN's and fraud reports etc. could
be signed with a specific subdomain (e.g. notifications.example.com) or
a special selector (e.g. s=notifications), to identify the different
nature of this mail stream?
More information about the ietf-dkim