On Dec 19, 2007, at 10:06 AM, Damon wrote:
As an operations person, I imagine that I would have a type of
double-check. I certainly would be monitoring how many good
signatures that I would be getting from sources that sign. If
suddenly my average good sign for a particular site went down
As an operations person, I imagine that I would have a type of
double-check. I certainly would be monitoring how many good signatures
that I would be getting from sources that sign. If suddenly my average
good sign for a particular site went down and my average bad sign went
up, it would cause me t
I would assume that a valid unbroken signature would be reputation
checked and lightly filtered
Where a broken or no signature would get full scrutiny by all the tools
at my site.
That is the easiest way (for me) to handle the message flow
Thanks,
Bill Oxley
Messaging Engineer
Cox Communication
Is no signature equivalent to a bad signature?
Is a bad signature the result of malice or accident?
Some don't distinguish between these cases, arguing that favoring
bad signatures over no signatures only encourages criminals to send
mail with bad signatures. For example:
Doug Otis:
> This dubi
On Tue, 18 Dec 2007 19:19:28 -, Douglas Otis <[EMAIL PROTECTED]>
wrote:
On the contrary, less confidence on what a true NO signature condition
provides.
This dubious strategy provides a significant incentive for bad actors to
insert "bogus" DKIM signatures.
Would it matter whether t
On Wed, 19 Dec 2007 06:27:55 -, Eliot Lear <[EMAIL PROTECTED]> wrote:
Bingo. We are wasting time on what I think is an extraordinary
superficial issue. Jim's original term "Suspicious" was defined within
the document, and did not in itself mean that the message was a forgery
- just that ex