[Mailman-Developers] Subscription Authentication.
Ian Eiloart
iane at sussex.ac.uk
Wed Aug 18 17:18:23 CEST 2010
Hi,
We've been discussing mailing lists over on the ietf-dkim mailing list, and
the issue of when a receiving MTA should trust mail from a list.
I had an idea, though it's only vaguely formed:
It would be nice if a list server would verify subscription requests using
OAuth, Windows Live ID Delegated Authentication, or similar. Perhaps
instead of the usual verification by email. If
<http://fingerprintapp.com/email-client-stats> is accurate, that's about
35% of email users with Gmail, Yahoo, and Hotmail.
If that happened, then then the subscriber's mail system has a chance of
understanding that the subscriber has, indeed, subscribed to the list. At
that point, the receiving mail system might whitelist mail from that list,
provided that it had a good DKIM signature, or an SPF pass, perhaps.
One might even build some sort of federated list management infrastructure,
so a user could go to one site to manage all their Mailman3 mailing list
subscriptions. With some kind of future standard, perhaps other MLMs could
join the party later.
--
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/
More information about the Mailman-Developers
mailing list