Charles Lindsey wrote:
A whitelist is useful as soon as a single recipient (filter, user,
whatever) can apply it.
Be careful there. We want people out there to welcome and accept these
protocols when they start to be deployed. A huge spate of false
positives and false negatives will rapidly
Charles Lindsey wrote:
On the contrary, it is the Sender header if present that should be the
decider, and only the From if Sender is absent. People keep ignoring
the fact that there can be several addresses in a From header (in
which case Sender is obligatory).
It's not entirely forgotten; s
william(at)elan.net wrote:
Neither one the designers of DK[IM] are particularly interested in
dealing with as is evident in previous discussions in regards to
"3rd-party" policy considerations or 3rd-party signers.
Your use of "neither one" in this context rather than "none of" implies
ther
>First, I see nothing wrong with someone writing a draft for netnews,
>but this is well beyond this group's scope, IMHO.
Having written and run my share of gateways between mail and usenet
over the past 25 years, I have to agree. Mail and news are similar,
but they are different enough that I've
Michael Thomas wrote:
Can somebody explain to me what an "irregular" mailing list is?
Same here.
Long and short, my feeling is: SSP publish what it actually does; describe
the mechanism for looking up anything based on a rfc2822 address, and
just give some non-normative guidance about which
- Original Message -
From: "william(at)elan.net" <[EMAIL PROTECTED]>
Gatewaying from newsgroup is a case equivalent to email coming from mail
list.
+ 0.8 See below.
Neither one the designers of DK[IM] are particularly interested in dealing
with as is evident in previous discussio
Direction #1 - incoming EMAIL
Sure. Gatewaying dkim-signed stuff *from* email is no problem.
Agreed.
Direction #2 - outgoing, replies to support questions
If posting via the RFC NEWSREADER, the NNTP Server will transform the
NNTP article to EMAIL.
.
In either case, the SMTP outgoing
On Oct 16, 2006, at 2:08 PM, Hallam-Baker, Phillip wrote:
I am very unhappy with the past behavior of the DNS directorate. In
particular they have in the past demonstrated a complete failure to
accept the fact that protocols have to be compatible with
deployment constraints.
DNSSEC has b
- Original Message -
From: "Charles Lindsey" <[EMAIL PROTECTED]>
Unfortunately, the world is already way beyond 1 to 1 EMAIL.
You're kidding? Private mail is obsolete?
No. But a lot of Email is NOT private (this List for a start).
Ok, so GROUP and/or GROUP-like mail systems
On Fri, 24 Nov 2006, Charles Lindsey wrote:
If posting via the RFC NEWSREADER, the NNTP Server will transform the NNTP
article to EMAIL.
Yes, that is the interesting case. A news2email gateway is, from the POV of
this WG, just another agent for generating emails (and as such it is on topic
On Fri, 24 Nov 2006 12:20:00 -, Hector Santos <[EMAIL PROTECTED]>
wrote:
- Original Message - From: "Charles Lindsey"
<[EMAIL PROTECTED]>
And that MUST is going to haunt us again when EAI happens,
because both From and Sender may well get changed in transit.
A retransmissi
On Fri, 24 Nov 2006 14:17:46 -, Hector Santos <[EMAIL PROTECTED]>
wrote:
This might not be related but I think that we have confuse DKIM in the
last 5-8 months with these "layman" constructs when really what we
should be distinguishing it with as "Technical Constructs" such as:
"
On Fri, 24 Nov 2006 13:07:40 -, Hector Santos <[EMAIL PROTECTED]>
wrote:
Direction #1 - incoming EMAIL
If the original EMAIL is DKIM signed, then our SMTP processor will
validate it. Once validated, our gate will move it into the "support"
conference/newsgroup.
Sure. Gatewaying dki
On Fri, 24 Nov 2006 16:13:20 -, Stephen Farrell
<[EMAIL PROTECTED]> wrote:
Charles Lindsey wrote:
I think it is up to the DKIM WG to try to spot all the things that are
likely to break when DKIM starts to be implemented, and to do what it
can in its drafts to forestall them.
No. "
On Fri, 24 Nov 2006 16:28:18 -, Eliot Lear <[EMAIL PROTECTED]> wrote:
Charles Lindsey wrote:
We don't want the mailing list admin to reject is as being unsigned.
Maybe the gateway should have signed it (quite a good edea that, and
then the SSP and reputation of the gateway would come int
Michael Thomas wrote:
> Can somebody explain to me what an "irregular" mailing list is?
A mailing list modifying mails in ways not covered by the relevant
RFCs (1123, 2821, and the List header field stuff). From our POV
anything that doesn't fly with DKIM.
> If SSP is just an information servi
Stephen Farrell wrote:
Frank Ellermann wrote:
As they SHOULD NOT be used on _irregular_ mailing lists. Maybe more
cases, we should ask the 'lemonade' folks what they think about this
"I (defined by 2822-From) sign everything DKIM-complete" construct.
Good idea. Do you know who to ask? If so
First, I see nothing wrong with someone writing a draft for netnews, but
this is well beyond this group's scope, IMHO. There are many types of
mail systems, and they all may require some transformations and some
special treatment.
Charles Lindsey wrote:
We don't want the mailing list admin to
Charles Lindsey wrote:
... If you post via NEWS you are
talking about GATING to a EMAIL system. What are the rules here? Do
you hash the NNTP required headers? Do you strip them?And vice a
versa? Same issues.
That is exactly the question this thread is attempting to address.
Charles Lindsey wrote:
On Fri, 24 Nov 2006 11:17:01 -, Stephen Farrell
<[EMAIL PROTECTED]> wrote:
Frank Ellermann wrote:
Another obvious case which should be explicitly mentioned in the
'DKIM-signing-complete' explanation is SenderID spf2.0/pra: Even
if we don't care about PRA, a PR
On Fri, 24 Nov 2006 11:17:01 -, Stephen Farrell
<[EMAIL PROTECTED]> wrote:
Frank Ellermann wrote:
Another obvious case which should be explicitly mentioned in the
'DKIM-signing-complete' explanation is SenderID spf2.0/pra: Even
if we don't care about PRA, a PRA == 2822-From is a norma
Stephen Farrell wrote:
>> What about two minor points in this thread:
>> 1 - Is the "sender" in 4.1 4th paragraph actually an "author" ?
>> 2 - What exactly happens with Alice's SSP in scenario 5.3 ?
>> Should that also get new tickets, or is it obvious / irrelevant ?
> They sound sufficiently li
On Fri, 24 Nov 2006 11:57:01 -, Hector Santos <[EMAIL PROTECTED]>
wrote:
- Original Message - From: "Charles Lindsey"
<[EMAIL PROTECTED]>
To: "DKIM"
Sent: Friday, November 24, 2006 6:02 AM
Subject: Re: [ietf-dkim] ISSUE: Better definition of "DKIM signing
complete"required
Frank Ellermann wrote:
Stephen Farrell wrote:
this is issue#1398 now btw, so we'll be coming back to decide it
Yes, we got the same mail with the ticket number from Eliot. What
about two minor points in this thread:
1 - Is the "sender" in 4.1 4th paragraph actually an "author" ?
2 - What
Stephen Farrell wrote:
>> we should ask the 'lemonade' folks what they think about this
>> "I (defined by 2822-From) sign everything DKIM-complete" construct.
> Good idea. Do you know who to ask? If so, do so!
I've started to read their list (after subscribing it via GMaNe) less
than a week ag
Frank Ellermann wrote:
As they SHOULD NOT be used on _irregular_ mailing lists. Maybe more
cases, we should ask the 'lemonade' folks what they think about this
"I (defined by 2822-From) sign everything DKIM-complete" construct.
Good idea. Do you know who to ask? If so, do so!
Thanks,
S.
__
Stephen Farrell wrote:
> this is issue#1398 now btw, so we'll be coming back to decide it
Yes, we got the same mail with the ticket number from Eliot. What
about two minor points in this thread:
1 - Is the "sender" in 4.1 4th paragraph actually an "author" ?
2 - What exactly happens with Alice'
Hector Santos wrote:
> are you proposing, suggesting, hinting, a new possible technical
> constructs for NEWS?
I did that some months ago (early 2006), and it was rejected as too
obscure. But we have everything in place to adopt DKIM for Netnews
later, most important the registry of canonicaliza
Stephen Farrell wrote:
>> Read the EAI drafts.
> Which? (There are 8)
> I'd be glad to get a better pointer to how EAI and DKIM might
> interact,
For the purposes of DKIM look at I-D.eai-framework-03, that's
more or less ready (= post WGLC, pending nits are editorial).
It has an informative refe
Hi Frank,
Frank Ellermann wrote:
Stephen Farrell wrote:
I don't think its too verbose, but I don't understand how it
answers the question I asked ;-)
You want to add a requirement "The protocol MUST...state..."
I wanted you to give me a strawman statement that would meet
that requirement
Hector Santos wrote:
> The SPECS only require its for BOUNCE purposes in POST SMTP delivery
> checks and no other reason. Once thats done, you don't need it - not
> for SMTP or POP3 or IMAP purposes.
I can't recall how often I've posted the relevant part of RFC 3834 in
the last 30 months. The
Frank Ellermann wrote:
Stephen Farrell wrote:
I don't think its too verbose, but I don't understand how it
answers the question I asked ;-)
You want to add a requirement "The protocol MUST...state..."
I wanted you to give me a strawman statement that would meet
that requirement (that you th
Stephen Farrell wrote:
> I don't think its too verbose, but I don't understand how it
> answers the question I asked ;-)
> You want to add a requirement "The protocol MUST...state..."
> I wanted you to give me a strawman statement that would meet
> that requirement (that you think is reasonable
Stephen Farrell wrote:
I think that last is a fair point. But I'm still not convinced that
it's up to the DKIM WG (now) to figure out all details of all such
gatewaying cases, which is where we'd be heading if we start on that
road.
+1.
We haven't completely nail down the integrity alteratio
Frank Ellermann wrote:
Hector Santos wrote:
[post-SMTP Return-Path]
there is no guarantee it will passed on to the next process.
NAK. The guarantee is in STD 10, STD 11, 2821, 2822, and 3834.
It's only stripped in scenarios behind mail2fido, mail2outlook,
mail2news, or similar gateways, but
- Original Message -
From: "Charles Lindsey" <[EMAIL PROTECTED]>
On the contrary, it is the Sender header if present that should
be the decider,
Who says?
RFC 2822, which makes it clear that the Sender, if present, indicates
where the email _really_ came from.
But it is not th
Charles Lindsey wrote:
No, it is NOT a retransmissiom. Read the EAI drafts.
Which? (There are 8)
I'd be glad to get a better pointer to how EAI and DKIM might
interact,
Ta,
S.
___
NOTE WELL: This list operates according to
http://mipassoc.org/dk
- Original Message -
From: "Charles Lindsey" <[EMAIL PROTECTED]>
To: "DKIM"
Sent: Friday, November 24, 2006 6:02 AM
Subject: Re: [ietf-dkim] ISSUE: Better definition of "DKIM signing
complete"required
On Fri, 24 Nov 2006 00:07:06 -, Hector Santos <[EMAIL PROTECTED]>
wrote:
Ch
Hector Santos wrote:
>> On the contrary, it is the Sender header if present that should
>> be the decider,
> Who says?
STD 11. In Dave's classic "secy@ example" boss@ tells secy@
to send mail "from boss@ to somebody@". The boss@ won't tell
secy@ which mail route to use, secy@ decides these det
On Thu, 23 Nov 2006 19:00:28 -, Hector Santos <[EMAIL PROTECTED]>
wrote:
Charles Lindsey wrote:
That is what we need to stop trying to impose. What is consistent in
all systems is a 2822.FROM and that is what DKIM/SSP is based on.
Then DKIM/SSP is WRONG, because it can't work like th
Douglas Otis wrote:
On Thu, 2006-11-23 at 21:18 -0500, Hector Santos wrote:
DKIM will never be effective at blocking spam. Spoofing can only be
stopped by comparisons with lists established by recipients, such as
utilizing their address-book.
I totally disagree and I don't see that is req
Frank Ellermann wrote:
Stephen Farrell wrote:
[proposed requirement]
"The protocol MUST state what 'DKIM signing complete' precisely
means wrt common practises like resending, news, and other uses
of a 2822-From address".
Two questions:
Can you provide us with an example of the kind of
On Fri, 24 Nov 2006 00:07:06 -, Hector Santos <[EMAIL PROTECTED]>
wrote:
Charles Lindsey wrote:
Because news and email regularly get gatewayed into each other.
But this suggest that you have a DKIM-NNTP based protocol...
It suggests no such thing. Read what I wrote and respond to t
Stephen Farrell wrote:
[proposed requirement]
>> "The protocol MUST state what 'DKIM signing complete' precisely
>> means wrt common practises like resending, news, and other uses
>> of a 2822-From address".
> Two questions:
> Can you provide us with an example of the kind of statement
> you
On Thu, 2006-11-23 at 21:18 -0500, Hector Santos wrote:
> > DKIM will never be effective at blocking spam. Spoofing can only be
> > stopped by comparisons with lists established by recipients, such as
> > utilizing their address-book.
>
> I totally disagree and I don't see that is required for us
45 matches
Mail list logo