[Mailman-Developers] Subscription Authentication.
iane at sussex.ac.uk
Wed Aug 18 17:18:23 CEST 2010
We've been discussing mailing lists over on the ietf-dkim mailing list, and
the issue of when a receiving MTA should trust mail from a list.
I had an idea, though it's only vaguely formed:
It would be nice if a list server would verify subscription requests using
OAuth, Windows Live ID Delegated Authentication, or similar. Perhaps
instead of the usual verification by email. If
<http://fingerprintapp.com/email-client-stats> is accurate, that's about
35% of email users with Gmail, Yahoo, and Hotmail.
If that happened, then then the subscriber's mail system has a chance of
understanding that the subscriber has, indeed, subscribed to the list. At
that point, the receiving mail system might whitelist mail from that list,
provided that it had a good DKIM signature, or an SPF pass, perhaps.
One might even build some sort of federated list management infrastructure,
so a user could go to one site to manage all their Mailman3 mailing list
subscriptions. With some kind of future standard, perhaps other MLMs could
join the party later.
IT Services, University of Sussex
For new support requests, see http://www.sussex.ac.uk/its/help/
More information about the Mailman-Developers