On Mon, 8 Aug 2011, Douglas Otis wrote: > The concept behind the TPA scheme was to enable services on behalf of > senders that lack requisite staffing to support this level of policy > effort when using open-ended third-party services. The list of open
I don't see how that can work anytime soon for the use-case that concern me, that of ordinary end-users at a consumer ISP posting to mailing lists. I suppose you could implement a central whitelist of mailing lists, but some mailing lists are easier to forge than others. If a weak mailing list gets on to the whitelist, then you have a policy just as easy to bypass as except-mlist. But if a mailing list *that people actually use* can't get on the whitelist, you have false positive rejections. > Why should white-listing mailing-lists or open third-party services > become a burden for the recipient or their administrator? Better I'm not seeking to *impose* that burden as a sender, I'm looking for the opprotunity to *accept* that burden as a recipient, so as to reduce my incoming false negative rate. Many recipients can't take up the burden, and thus cannot detect forgeries of except-mlist domains. But they lose nothing compared to the world with just "unknown" and "discardable". (I'm not counting "all" since it is too vague...) ---- Michael Deutschmann <mich...@talamasca.ocis.net> _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html