If they say their mail is discardable, take them at their word and
discard it.
I disagree.
The ADSP=discardable deployer is not conveying apathy regarding the
deliverability of their mail, quite the opposite IMO. They are saying
(to paraphrase) "please attempt to verify the DKIM signature on this message
against the key record in our DNS for this domain/subdomain, and if you
cannot verify the signature then please discard the message as a means
of protecting your subscriber from phishing attacks, otherwise please
deliver the message and do so knowing we put this much effort into
ensuring the goodness of the mail before we sent it".
This is a really good example of why ADSP will never be useful. I believe
that's what you mean when you set adsp=discardable, and what Paypal means,
but it's not what I meant when I wrote the section about discardable and I
don't think it's a fair reading of the RFC. People want to read way more
into it than is actually there.
Early drafts of what turned into ADSP used the word "strict" which I
changed to "discardable" to make it clear that if you set this flag,
you're saying the mail is unusually unimportant, to the extent that if
there's any doubt about its legitimacy, just throw it away.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html