Franck Martin wrote:
I'm worried that sending an email when the signature fails could be
triggered by forged emails rather than by emails that contains dkim
errors. DKIM being clearly defined, a DKIM signed email should be
correct/wrong regardless of the destination. Easy to test the DKIM
signature pass on a couple of DKIM reflectors. Therefore reports due to
a failed signature would indicate only forged emails. I'm not sure what
information a sender gains by knowing someone is forging its signature?
Financial institutions tend to be very interested in finding out when their
domain is used in phishing attempts, or similar forgeries.
However, that's the only type of feedback you've mentioned which is related
to DKIM. I'm not sure it makes sense to tie the rest to a DKIM key record.
--
J.D. Falk
Return Path Inc
http://www.returnpath.net/
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html