Skip to Content.
Sympa Menu

ddx - Re: [ddx] DKIM and forwarding

Subject: DKIM Deployment

List archive

Re: [ddx] DKIM and forwarding


Chronological Thread 
  • From: Jim Fenton <>
  • To: Serge Aumont <>
  • Cc: Jesse Thompson <>,
  • Subject: Re: [ddx] DKIM and forwarding
  • Date: Thu, 14 Jan 2010 10:28:22 -0800
  • Authentication-results: sj-iport-5.cisco.com; dkim=neutral (message not signed) header.i=none
Serge Aumont wrote: 
Hi

On 13/01/10 23:40, Jim Fenton wrote:
  
List expansion -- There is a school of thought that messages that pass
through mailing lists aren't really forwarded at all, they're sent
anew by the list manager.  Reasonable people disagree on this, but for
those that argue that the messages are sent anew, it's appropriate
that the signature come from the list manager.  Personally, when I
subscribe to a mailing list, I want all the messages on the list, and
if there's spam on the list, I expect the list owner to police that or
I will probably unsubscribe.  So I'm really more interested in
whitelisting the mailing list than the participants, and therefore am
more interested in a DKIM signature from the mailing list than whether
or not the participants' signatures survive.
    

I agree with this strategy but unfortunately it makes ADSP usefulness
for almost every domain. If a domain is using an ADSP record value 
"discardable" .

Suppose "cru.fr" ADSP record is discardable and "internet2.edu" resign
messages before to redistribute them to ddx subscribers. Messages from
cru.fr  will be received with a valid signature but not from the right
domain. The message should be droped. "discardable" is the only
interesting ADSP record, where the real meaning of "all" is "don't known
what you should do with that mail" and real meaning of "unkown" is "this
domain don't use ADSP".

So which domain can use ADSP with a real added value ? Domain without
real users ?

"discardable" is really intended for transactional domains, which should not be sending their mail through mailing lists.  Based on the way that you are sending mail from cru.fr, I would say that it should not publish a "discardable" ADSP record.

Although it remains to be seen how evaluators actually use ADSP "all", a reasonable approach might be to give a positive increment to the spam score unless there is a valid author domain signature.  That increment, in turn, might be negated by a valid signature from a mailing list domain.

-Jim


Archive powered by MHonArc 2.6.16.

Top of Page