A) No mail has an isp.com From: address, but mail with other From:
addresses may have an isp.com signature.
Consider what I believe Y! does in their MUA: if it's got a valid
signature from isp.com with a From: foo(_at_)customer(_dot_)com, it doesn't get a
nice little message saying that Y! believe it came from customer.com.
Thus the outsourced mail will not be treated on a par with mail signed
on behalf of the domain.
It makes sense that customer.com would publish an SSP record saying "my
mail is all signed by isp.com".
But I still don't see what benefit it is for isp.com to say "we sign some
other people's mail." If isp.com signs other people's mail, we'll know
because we'll see the signatures.
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet for
Dummies",
Information Superhighwayman wanna-be, http://johnlevine.com, Mayor
"I dropped the toothpaste", said Tom, crestfallenly.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html