Implications of DKIM signing for DCC filtering?

Gary Mills mills@cc.umanitoba.ca
Tue May 29 19:02:06 UTC 2007


I've just been reading about Domain Keys Identified Mail at:

	http://dkim.org/

It's quite impressive, although it has some intentional limitations.
I'd expect that companies that are frequent `phishing' targets, such
as banks, will start signing their e-mail as soon as they can.

How will DKIM signing fit into DCC?  I assume that DCC will be a good
place to verify signatures.  Should signed and verified messages be
exempted from bulk mail rejection by DCC?  I assume it's not that
simple.

Organizations that sign e-mail messages must take responsibility for
those messages, but I assume that the level of responsibility will
vary.  In the case of a bank, the e-mail senders will be employees,
but in the case of an ISP, they will be customers.  The relationship
between the organization and the e-mail sender is quite different in
these two cases.  There will also be some organizations whose business
is sending bulk mail.  I can see a need for reputation ratings, along
with whitelists and blacklists of domain names.  How much of this wil
fit into DCC?

-- 
-Gary Mills-    -Unix Support-    -U of M Academic Computing and Networking-



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.