I hope the message here is not that we should restrict ourselves to developing technology that is idiot-proof, since a sufficiently determined idiot, of which there are many, will do idiotic things with any technology that we never in a million years would have anticipated. However, ... >The difficulty is that establishment of such a mechanism makes >it very easy for, e.g., an ISP that wants to "protect its >customers from spam" and reduce spam traffic on its backbone to >say "aha, any message that isn't validated/authorized by someone >whom we recognize is obviously hostile and should be silently >dropped". And the only sources they are likely to recognize are >members of their own messaging cabal. ... People have been building e-mail walled gardens as long as there has been e-mail. Fifteen years ago there were lots of disjoint mail systems, none of which remain except perhaps as gateways to the world of SMTP mail. One favor that the SPF crowd did for us was to give the aforementioned idiots a chance to find out what a bad idea it is to reject mail arbitrarily from people who don't jump through their hoops, so nobody rejects for SPF failure any more. People who use C/R against people not on their whitelists have found the same thing -- they all check the folder of unconfirmed mail because they know there's lots of real mail from people who won't hoop jump. If the idiots were to latch on to DKIM and start rejecting valid mail, like they have to the past umpteen magic bullets, why do you expect the results to be any different? R's, John _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf