On Tue, Mar 15, 2011 at 8:54 PM, Stan Hoeppner <s...@hardwarefreak.com> wrote: > Steve Jenkins put forth on 3/15/2011 1:34 PM: > >> and anyone not signing should consider it. > > "Anyone not using seat belts and turn signals should consider it". > > I can see a clear advantage to the latter, but not the former. Can you > briefly explain why you believe everyone should sign mail?
Hi, Stan. Of course, we both know there's no magic bullet. But signing can help receivers verify the true provenance of the sender's message. Does it guarantee that the message isn't SPAM? Of course not. Every SPAM I've received from a GMail account has been signed. :) But can signing help identify and/or deter some spammers? Sure. And with optional ADSP extension to DKIM, it's even better. I see no downside to signing, and therefore ANY potential upside is a good thing. The resource overhead of DKIM signing and verifying is very low, so what good reason is there to NOT sign? Frankly, I don't know how to answer your 20% question. Maybe on your system, 20% is as good as it's gonna get! But based on what I know about you, I get the sense you're someone who primarily deals with lots of incoming mail. And it always seems that where one stands depends on where one sits. :) I'm sitting on the other side. We process very little incoming mail, but send millions of legitimate emails to our customers every week. DKIM signing them has undeniably increased our inbox deliverability rates, and inbound processors can know that if a mail claims to come from us but isn't signed, it's bogus. Again, with no downside and little-to-no cost, even a small potential upside is a good thing. Respectfully, SteveJ
