----- Original Message ----- From: "Douglas Otis" <[EMAIL PROTECTED]> To: "Hector Santos" <[EMAIL PROTECTED]>
>>> Wietse wrote: >>> >>> I get mail that pretends to be from my bank. The SSP >>> says the mail is 100% pure non-forged. However, the >>> DKIM-BASE signing domain is not in my list of trusted >>> signing domains. I get a warning that this mail could be >>> sent by a party that I have no relationip with. >> Hector wrote: >> That's fine by me Wietse, but keep in mind that you mistaken by >> continuing to use a magic wand to change an apple into an orange, >> by using reputation is part of the total solution when in fact, it >> is suppose to be out of scope in this WG. > Hector, > > You have completely missed what was being said. Where do you even > see the word reputation? Semantics. Any predefined Trusted List, black or white, concept as Wietse mentioned above, is a "reputation" concept. It means you KNOW something about them as oppose when you would not nearly 80% of the times which is where most of the internet email problems lies with abusive malicious anonymous (unknown) senders. -- Hector Santos, Santronics Software, Inc. http://www.santronics.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html