--On 13 October 2009 14:36:24 -0700 Dan_Mitton@??? wrote:
> Tom,
>
> That would be great !!
A word of caution regarding ADSP. It allows you to assert that some or all
of messages with a From: header address in your domain are signed. Clearly
"some" isn't very useful. It also allows you to say messages From: your
domain are discardable if they don't carry a valid signature.
There's currently great debate about how one should handle such messages
when they've been broken by mailing lists. My view is that lists should not
forward "discardable" messages if they're about to break the signature, but
should forward other messages. Lists should also re-sign, after checking
the inbound message. And recipients should attempt to validate the list,
not the original sender.
>
>
> Sent by: exim-users-bounces@???
> To: Dan_Mitton@???
> cc: Exim Users <exim-users@???>, exim-dev@???
> Subject: Re: [exim] [exim-dev] Testing Exim 4.70 prerelease
> LSN: Not Relevant - Not Privileged
> User Filed as: Excl/AdminMgmt-14-4/QA:N/A
>
> Dan_Mitton@??? schrieb:
>
>> 'dkim_verify_signers' option, but how does that stay up to date as more
>> and more (hopefully) people adopt? How can a domain tell me, that any
>> message I receive from them had better be signed and pass?
>
> This is done in ADSP
> (http://en.wikipedia.org/wiki/Author_Domain_Signing_Practices).
>
> Since the standard was only recently turned into an RFC, actual
> deployment is still very low.
>
> I'll add ADSP to Exim.
>
> /tom
>
> --
>## List details at http://lists.exim.org/mailman/listinfo/exim-users
>## Exim details at http://www.exim.org/
>## Please use the Wiki with this list - http://wiki.exim.org/
--
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see
http://www.sussex.ac.uk/its/help/