For making decisions on the dot, See:
http://tools.ietf.org/html/draft-otis-dkim-tpa-label-06
ADSP was initially focused on mitigating phishing attacks.
Unfortunately, ADSP had a negative impact on informal third-party mail
services being used by targeted domains. The stalwart alternative to
the ADSP proactive scheme, reputation services, are unable to keep pace
with the dynamic environment created by criminals profiting from their
deceptive activities.
So rather than asking a reputation service about the message source, or
asking a vouching service about what the Author Domain should have
entered into their ADSP record, why not directly ask the Author Domain
about the source. After all, the Author Domain has a vested interest in
guiding their recipients in what sources should be accepted even when
the Author Domain Signature is no longer valid. The Author Domain is
able to indicate whether the source domain is authorized and how the
recipient should be able to authenticate this source. All of this
information is contained within a simple single DNS transaction.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html