On 4/15/2014 6:20 PM, Pete Resnick wrote:
On 4/14/14 9:23 AM, Dave Crocker wrote:
Mediators, like mailing lists, take final delivery and post a new
message. In formal terms, it's legitimate for them to create a
different rfc5322.From field, including one that looks like some
sort of 'rewrite' of the one used by the original author.
It's legitimate for a mailing list to rewrite the author, but it would
be wrong. :-)
+1.
More seriously: If the mailing list wishes to express that I am the
author of *this message*, then I belong in the "From:" field. That
differs semantically from forwarding a message authored by me; then
the list is saying that the list is the author, and it is simply
quoting me, but that the list is the entity that should be considered
to have written the message. For most mailing lists, that seems like
the wrong semantics to try to convey.
There should be a mechanism for an author to send a message to a
mailing list, granting the mailing list permission to redistribute
that message, and have that permission conveyed to the mailing list
recipient such that when the mailing list recipient receives the
message, they can assure themselves that the originating domain is OK
with that redistribution. Sounds like some protocol which could be
written.
The methods was developed. It was discussed during SSP, proposed in
2006 DSAP I-D [1] as an Authorized, or Allowed Signer List (ASL), and
Murray wrote 2012 ATPS [2] to piggy back off the ADSP as an extension.
I've implemented ADSP, ATPS in our Mailing List Server (MLS). A
wizard was created [3] for public usages. A private version used for
customers for their DKIM manager. I've held back on DMARC support but
it will be the exact logic add.
(If the originating domain is expressly *not* OK with the
redistribution, the mailing list should bounce the message back to the
author saying as much.)
I would suggest it be more of an ACCEPT + NOTIFY with explanation
rather than bounce, but yet, the denial is needed. Its also described
in DSAP and I believed also in Murray's DKIM Mailing List BCP [4].
--
HLS
[1] DKIM Signature Authorization Protocol
http://tools.ietf.org/html/draft-santos-dkim-dsap-00
[2] DKIM Authorized Third-Party Signatures
http://tools.ietf.org/html/rfc6541
[3] DKIM Policy Zone Record Generator and Test Simulator v2.7
http://www.winserver.com/public/wcadsp
[4] DKIM and Mailing Lists
http://tools.ietf.org/html/bcp167