[ietf-dkim] DKIM Japan has been set up
Ian Eiloart
iane at sussex.ac.uk
Tue Nov 23 03:14:53 PST 2010
--On 22 November 2010 09:25:26 -0800 Steve Atkins <steve at wordtothewise.com>
wrote:
>
> ADSP is better than SPF, but it's still not something anyone
> should consider deploying widely as a primary means
> of deciding to discard inbound email.
Actually, they're complementary. In places where DKIM fails (mailing lists
rewriting messages), SPF can succeed. And in places where SPF fails
(message forwarding), DKIM can succeed.
Messages can have a reasonable level of trust if they achieve either an SPF
pass for a trusted domain, OR an DKIM verification for a trusted signer. Of
course, you still need to check for malware and be wary of messages from
compromised accounts.
Deployment of SPF and DKIM are both low enough that you can't either reject
or discard messages simply because they don't pass or verify. But, we
already give a small negative spam score for SPF softfail and neutral
results, and haven't had any complaints. For DKIM it's harder, but for
certain author domains (including those that publish ADSP discardable, it
might be worth considering downgrading messages - especially when combined
with SPF fail/neutral/softfail).
--
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/
More information about the ietf-dkim
mailing list