>> I just don't see a plausible scenario where you you know you trust the >> list but still want to accept or reject mail based on assertions the >> list itself makes.
> How about you trust the list, and it says the inbound message wasn't > signed? The list has left the value judgement to the recipient. I've been using mailing lists for 35 years, and I cannot recall any where the list manager threw up his hands and didn't manage the list's contents. The conceptual model of mailing lists has been consistent for decades: the list picks mail to pass along using whatever manual or automated process it uses, and subscribers accept the mail the list sends. I don't see the point in trying to retroactively redefine the ways that lists work to try to shoehorn them into the limits of poorly desiged security add-on. See "forgery" for another example of the same newthink, in which the SPF crowd tried to persuade the world that SPF's failure to handle long established forwarding models was the fordwarders' fault. R's, John _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html