Tony Finch wrote: > On Mon, 8 Oct 2007, Keith Moore wrote: > >> It's a combination of several things - one, requiring that a domain >> operate its own mail submission servers which sign their mail (and all >> that that implies, like maintaining the private keys). >> > > That's just part of running a mail system. > yes, but it's not inherently part of running a mail domain. it's unreasonable to require everyone to use mail submission servers that are entrusted with their domain's DKIM private keys. >> Two, many domains will be too small to develop enough of a reputation to >> be whitelisted, and any spammer can create a temporary domain which will >> have about as good a reputation as the vast majority of those domains. >> > > Free domain tasting is a problem that affects lots of reputation system, > not just ones based on DKIM. If ICANN were to eliminate it lots of things > would become easier. > it's a problem even without "free domain tasting". > Also, at the moment negative reputation is more useful (or at least easier > to use) than positive reputation so I don't see neutral reputation as a > bad thing (er, by definition it isn't). > negative reputation of a domain is of minimal value, because spammers will just get a new domain (or several) every time they wish to spam, and the new domains will have neutral reputation. >> Three, as long as people use Windows boxes, spammers will be able to >> compromise them and hijack them to use them to originate mail on behalf >> of their domains, thus degrading those domains' reputation. >> > > The criminals can steal infected users' online banking credentials too, > which is far more worrying. Everyone has to keep their networks clean for > many reasons, not just spam. > nuclear war is more worrying too. but that doesn't mean that the ease in compromising PCs isn't a big contributor to the spam problem. as for "keeping...networks clean", well, of course people should try to do that. but as far as I can tell, so far it's more of a laudable goal than a practical reality. Keith _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf