On Thu, Dec 06, 2007 at 08:17:09PM -0500, John L wrote:
In that case, what is the SSP result when a message does not contain a
valid Originator Signature, and the Originator Domain has a policy of
"all"?
"not compliant"
The whole business about third-party signatures is a DKIM-based
mechanism to decide what to say in that case. If the verifier sees
another signature that they "like", the result is "not Suspicious".
If the recipient sees another signature it likes, it's not going to do
an SSP lookup at all, so I don't see any value in giving recipients
directions for a situation that won't happen.
Sorry to chime into this so late, but I want to make sure I understand.
Given this:
SPP bankofamerica.com p=strict
From: loans(_at_)bankofamerica(_dot_)com
DKIM-Signature: i=(_at_)dkim(_dot_)mit(_dot_)edu
DKIM-Signature: i=(_at_)dkim(_dot_)bankofamerica(_dot_)com
Subject: Get a great rate today!
<body munged by mit that would cause bankofamerica signature to fail>
You'd accept the message?
--
:: Jeff Macdonald | Director of Messaging Technologies
:: e-Dialog | jmacdonald(_at_)e-dialog(_dot_)com
:: 131 Hartwell Ave. | Lexington, MA 02421
:: v: 781-372-1922 | f: 781-863-8118
:: www.e-dialog.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html