--On 13 October 2009 14:36:24 -0700 [email protected] wrote:
> Tom, > > That would be great !! A word of caution regarding ADSP. It allows you to assert that some or all of messages with a From: header address in your domain are signed. Clearly "some" isn't very useful. It also allows you to say messages From: your domain are discardable if they don't carry a valid signature. There's currently great debate about how one should handle such messages when they've been broken by mailing lists. My view is that lists should not forward "discardable" messages if they're about to break the signature, but should forward other messages. Lists should also re-sign, after checking the inbound message. And recipients should attempt to validate the list, not the original sender. > > > Sent by: [email protected] > To: [email protected] > cc: Exim Users <[email protected]>, [email protected] > Subject: Re: [exim] [exim-dev] Testing Exim 4.70 prerelease > LSN: Not Relevant - Not Privileged > User Filed as: Excl/AdminMgmt-14-4/QA:N/A > > [email protected] schrieb: > >> 'dkim_verify_signers' option, but how does that stay up to date as more >> and more (hopefully) people adopt? How can a domain tell me, that any >> message I receive from them had better be signed and pass? > > This is done in ADSP > (http://en.wikipedia.org/wiki/Author_Domain_Signing_Practices). > > Since the standard was only recently turned into an RFC, actual > deployment is still very low. > > I'll add ADSP to Exim. > > /tom > > -- >## List details at http://lists.exim.org/mailman/listinfo/exim-users >## Exim details at http://www.exim.org/ >## Please use the Wiki with this list - http://wiki.exim.org/ -- Ian Eiloart IT Services, University of Sussex 01273-873148 x3148 For new support requests, see http://www.sussex.ac.uk/its/help/ -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
