LISTSERV - LSTSRV-L Archives - COMMUNITY.EMAILOGY.COM

LSTSRV-L Archives

LISTSERV Site Administrators' Forum

LSTSRV-L

	LISTSERV Archives
	LSTSRV-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Topic:	[<< First] [< Prev] [Next >] [Last >>]

Re: Reaction to 14.5 and domain keys

Eric Thomas <[log in to unmask]>

Tue, 7 Mar 2006 16:59:25 +0100

text/plain (56 lines)

> My read of domain keys, we need our MTA using it everywhere for it to 
> be useful.  So, we would need to add it to psu.edu and smtp.psu.edu 
> as well as lists.psu.edu.  Also, the MTA on all of these needs to 
> support it, in addition to listserv.  Not saying it can't, just it 
> needs too.

This is an area where everyone can be entitled to an opinion and nobody can
be proved wrong, because ISP practices are secret and change every other
week anyway :-) But in my experience, the average ISP works roughly
according to the following model:

1. Block or discriminate (junk folder, etc) IP addresses that send a lot of
mail, whether these messages are solicited or not.

2. Because everyone is so sick and tired of spam, make #1 more and more
heavy-handed every time the spam rules are revised.

3. Because #1 blocks a lot of mail that customers really want to receive and
complain loudly about, implement some form of whitelisting. Keep it secret
if you can, but be prepared to confess up eventually.

4. Because #1-3 is at best a massive hassle and sometimes just does not
work, look into emerging technologies such as DomainKeys.

Pragmatically, a server running LISTSERV (or any other mailing list manager
for that matter) is a lot more likely to qualify for #1 than a regular
person-to-person campus mail server. As such, it is a lot more likely to
benefit from #4. There is no requirement in DomainKeys that every mail
server in the organization sign its messages.

Honestly, I don't think any ISP is doing anything more than marginally
useful with #4, not yet. But I think it is coming. At a minimum, this was
Yahoo's official tune before they went into stealth mode to avoid taking any
secondary blast damage from the AOL-Goodmail debate.

Looking ahead, DomainKeys and its successor, DKIM, is the only existing open
technology that can evolve into a strong alternative to Goodmail's
pay-per-send. The problem if we all 'wait and see' is that companies like
Gartner then write that "Widespread adoption of [DomainKeys] is unlikely to
occur before the end of 2008." Managers read this and decide that it is
urgent to 'wait and see' since there are no benefits to be reaped this
fiscal quarter, and the next thing we know, we will all be paying by the
message. To quote Gartner again, "AOL says it will maintain [its enhanced
whitelist], but Gartner believes it may be phased out if GoodMail performs
well."

But really, this is a self-fulfilling prophecy. Gartner are just reporting
on what they are seeing today. It is up to us to change this, and it does
not take much effort. LISTSERV manages over 100 million subscriptions and
most of these could be protected by DomainKeys at a minimum cost in setup
time. I think universities are best positioned to be the first movers
because they have in-depth e-mail technical knowledge and a tradition of
long-term focus.

  Eric

ATOM RSS1 RSS2

COMMUNITY.EMAILOGY.COM