dkim-ops
[Top] [All Lists]

Re: [dkim-ops] Yahoo/BellSouth configuration

2009-08-26 16:47:11
Murray S. Kucherawy wrote:
-----Original Message-----
From: John R Levine [mailto:johnl(_at_)taugh(_dot_)com]
Sent: Wednesday, August 26, 2009 12:57 PM
To: Murray S. Kucherawy
Cc: dkim-ops(_at_)mipassoc(_dot_)org
Subject: RE: [dkim-ops] Yahoo/BellSouth configuration

    
I don't agree that this is the right action in all cases, nor that
"can't be verified" includes transient DNS errors.
      
But this isn't a transient DNS error.  The authoritative answer from
bellsouth.net is that there's no such key, because they forgot to
install
it.  I tried sending myself a message from my BT Internet account,
which
is also handled by Yahoo.  It's key is s1024._domainkey.btinternet.com,
which does exist.
    

I guess it's a matter of preference, as I'd rather defer on NXDOMAIN and try at least once more if for example the key record somehow hasn't propagated yet.
  

If you could be sure that it was just trying once (or twice...) more before accepting the message this would be fine.  But that would require keeping state on messages that have been tempfailed and AFAIK it's not doing that.  Without that kind of state information, a tempfail acts more like a delayed permfail.

-Jim

_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops