On Sat, 2006-02-11 at 18:12 +0100, Frank Ellermann wrote:
Douglas Otis wrote:
It seems unlikely DKIM, by itself, will offer a means to
reduce the level of spam, which appears to the motivation
behind aggressive rejection.
We've STRONG DKIM and "weak" DKIM. For the former you need
a valid "originator" signature, otherwise reject is the most
sensible thing to do: Tag as suspicious and move it to some
"potential junk" folder expecting end users to wade through
it manually could degenerate into "drop", and then "reject"
is much better for legit senders.
When the signature has elapsed beyond the an expiry period, the current
draft indicates the recipient MUST NOT consider the signature to be
valid. This would be independent of any sender policy. When the
message is within a reasonable time frame beyond the expiry time, this
could be due to two causes, replay or delay. With a high level of spam,
placing messages into a junk folder is likely worse than rejecting the
message. If this message was a delinquent delinquency notice, for
example, either full acceptance or rejection would make more sense.
The recipient may wish to consider how to handle delivery periods that
are perhaps too short to accommodate delays that may occur in the
recipient's system. The MUST in the draft may be a bit harsh.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://dkim.org/ietf-list-rules.html