Hi Murray,
At 23:29 07-09-2011, Murray S. Kucherawy wrote:
>I don't think so.  How would it affect your use of the signature in 
>computing reputation?
>
>My theory is that any message in the DKIM world arrives with a set 
>of valid signatures on it.  That set might be empty.  Effectively, a 
>valid signature is a stamp on the message that means "This message 
>was handled by <d= domain>".  It's that stamp that can be used to 
>develop reputation; eventually your domain's stamp is tracked as 
>being associated with spammy content or legit content depending on 
>how tight you are with what passes through
I'm okay with the stamp idea.
>  it.  It doesn't necessarily mean that domain sent or authorized 
> the message, but merely that it handled the message.  (For some 
> domains you specifically trust, you could ascribe more meaning to 
> it than that, but this is the lowest common denominator.)
>
>The fact that the message arrives bearing one of the common header 
>fields identifying list traffic doesn't seem to matter in a model like that.
Once we get the stamp (or identifier), we can forget DKIM and move to 
the next step which is to make an inference.  The development of the 
inference, or reputation, would be based on heuristics.  We generally 
have to differentiate between the various types of traffic, i.e. one 
to one, many to many, etc.  mailing_list can be a datapoint; or do 
you consider it as not useful at all?
Regards,
-sm 
Received on Thu Sep 08 2011 - 07:05:28 PST
This archive was generated by hypermail 2.2.0+W3C-0.50 : Thu Sep 08 2011 - 13:50:05 PST