-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org [mailto:ietf-dkim-
bounces(_at_)mipassoc(_dot_)org] On Behalf Of Michael Thomas
Sent: Monday, October 19, 2009 9:53 AM
To: Daniel Black
Cc: barryleiba(_at_)computer(_dot_)org; ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] Issue: Deployment Guide Section 6.1/6.5
(ADSP/Forwader) conflict
My feeling is this:
1) Make DISCARD rejection a knob and see how it goes.
2) For ALL or just plain old DKIM signatures, use that information as
an
end receiver would to make a spam/ham decision, but otherwise pass
*everything*
through to the final recipient even if they're 100% sure they broke
the
signature. (Forensics)
3) Always resign the message if it's possible.
The open source implementations I have do it this way. Unfortunately I don't
have any data to report from users yet.
Perhaps I can add some anonymous-as-possible off-by-default well-documented
stats and data collection and ask people to turn it on during the experimental
period. It seems easier to do something like that than asking users to send me
data after the fact.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html