On Thursday 17 January 2008 13:12, John L wrote: > > My point is that there are different sorts of assertions: those > > suggesting that the receiver apply more scrutiny to messages from my > > domain are likely to be believable even if self-asserted, > > Why? I see no reason to assume this is true. > > The only practical evidence we have is that Paypal has told people through > informal channels that they sign everything and it's OK with them to > discard unsigned mail, but we already knew they're the biggest phishing > target around. > > My expectation is that a large majority of domains that would publish > strict SSP policies would be small mail systems with no more forgery > problems than anyone else, but an exaggerated idea of their own > importance. Sort of like the people who send you mail, then demand you > jump through C/R hoops when you respond to it. > And I wouldn't waste any more sleep over not getting mail because of uninformed publishing of a strict SSP record than I would about that.
Scott K _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
