Sorry, I guess I was unclear. When I was talking about adoption meant as verifiers, not signers.
I'm not concerned about unsigned messages. I'm concerned about verifying signed messages. When a MUA syncs a message that has a DKIM signature, if there's no A-R header, the MUA has to do its own verification to know if that signature is valid. And even if there _is_ an A-R header, the MUA needs some mechanism to know it was actually inserted by the MDA. - Phillip Sent from my iPhone > On Aug 29, 2025, at 5:40 PM, John R. Levine <[email protected]> wrote: > > On Fri, 29 Aug 2025, Phillip Tao wrote: >> Now, you could say that the MUA also has no way to know whether the mail >> provider correctly implements sending or receiving either, but I would argue >> that the difference is that those are core functions that have been defined >> and widely implemented for decades longer than either the DKIM or A-R RFCs >> have existed. As I'm sure you know, there is a very long tail of MTAs out in >> the wild. It's not unreasonable to imagine that there's a sizable portion of >> those which have not yet adopted DKIM or A-R headers. > > Since it's basically impossible to get mail into Yahoo without a DKIM > signature, and pretty hard into Google or Outlook, I would be surprised if > there was an interesting amount of unsigned mail. Perhaps we can ask people > we know at large providers what they see. How much do you see at iCloud? > > There are millions of VPS with preinstalled MTAs that don't have any > authentication configured, but since they send close to no mail, I don't see > why we would care. > > Regards, > John Levine, [email protected], Primary Perpetrator of "The Internet for > Dummies", > Please consider the environment before reading this e-mail. https://jl.ly _______________________________________________ Ietf-dkim mailing list -- [email protected] To unsubscribe send an email to [email protected]
