> -----Original Message-----
> From: [email protected] [mailto:[email protected]] On Behalf Of
> Scott Kitterman
> Sent: Tuesday, January 24, 2012 7:00 AM
> To: [email protected]
> Subject: Re: [marf] I-D Action: draft-ietf-marf-dkim-reporting-04.txt
> 
> On Tuesday, January 24, 2012 01:29:35 PM John Levine wrote:
> > >- move all the broken signature reporting into the signature itself
> > >by making them extension DKIM-Signature tags, rather than putting
> > >them in the key records in the DNS; the revised design doesn't
> > >require DNS queries for failed signatures that don't otherwise need
> > >them
> >
> > Let's say I put this line in the header of a bazillion messages in a
> > spam run:
> >
> > DKIM-Signature: v=1; d=blackops.org; s=bogus; b=foo; bh=bar; h=baz;
> > r=murray;
> >
> > I've just indirectly mailbombed you.  Oops.  The domain has to publish
> > something about its willingness to get reports, not unlike the way
> > that ADSP publishes a record about what to do if there's no signature
> > that matches the From: domains.  Perhaps something like this:
> 
> I agree with it going in a DNS record, not in the signature for exactly
> the reasons you state.

The bottom part of Section 8.4 talks about not sending these automatically, 
which is kind of in line with what we tell people about FBLs.  Should this just 
be normative?  It's the same as the DNS idea except the indication is explicit 
rather than something published, and we're not putting yet another record in 
the DNS.

-MSK
_______________________________________________
marf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/marf
