[ietf-dkim] detecting header mutations after signing
Charles Lindsey
chl at clerew.man.ac.uk
Thu Oct 21 04:49:19 PDT 2010
On Wed, 20 Oct 2010 18:32:44 +0100, John R. Levine <johnl at iecc.com> wrote:
>> A reputation service can only say that a domain is
>> BAD
>> GOOD
>> or NO EVIDENCE AVAILABLE EITHER WAY.
>>
>> I think the last case has to be treated pretty much like GOOD, otherwise
>> newcomers to the internet will never even get their messages accepted.
>
> Heck, no. Treat it like there's no signature at all, and filter it like
> one does now.
So if I (being a perfectly honest citizen) create some brand new internet
service, which needs to be secure; and if I secure it by signing all
emails sent to my clients plus declaring an ADSP policy of 'discardable',
then you want all messages sent to my clients on day 1 of the service to
be discarded at my clients' boundaries because, not yet having established
any reputation, my messages are to be treated as unsigned, and hence
discarded in accordance with my ADSP setting????
And if the reputation services discover that all mails sent from my domain
are being discarded, they will start to create a Bad reputation for me,
instead of the Good one that I hoped to acquire as my new service became
known.
No, lack of reputation has to be treated as entirely neutral. Bad
reputations have to be earned by performing Bad deeds.
--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131
Web: http://www.cs.man.ac.uk/~chl
Email: chl at clerew.man.ac.uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5