Not that I know when r= should be used, but, it strikes me that having
an r= specify an address outside of the domain in question is a
potential for DOSing some innocent third-party.
So, should r= only specify a localpart and the domain is implied by
the domain being queried, or if r= specifies a complete address,
should the domain be constrained to be in the policy query domain or
below?
Mark.
_______________________________________________
NOTE WELL: This list operates according to
http://dkim.org/ietf-list-rules.html