I mostly agree. (Wow!)
1) During the handling of a message in conjunction with a DKIM result that indicates a valid signature, consider as valid only those fields and the body portion that was covered by the signature. Note that this is not to say unsigned content is not valid, but merely that the signature is making no statement about it.
2) Refuse outright to sign or verify any message that is not syntactically valid.
Rather than be so absolutist, I'd say "any message with syntax errors that are likely to cause MUAs or other applications to interpret it inconsistently."
The thought is that two Subject lines is worth rejecting, an extra at sign in the Message-ID is not.
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
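
An added example, not part of the original message: a sketch of the two checks discussed above, run on a constructed sample message. It assumes a separate DKIM verifier has already reported a valid signature; the function names, the sample message and the placeholder tag values are illustrative.

```python
import email
from collections import Counter

# Header fields that RFC 5322 section 3.6 allows at most once per message.
SINGLETON_FIELDS = {"date", "from", "sender", "reply-to", "to", "cc", "bcc",
                    "message-id", "in-reply-to", "references", "subject"}

def signed_fields(msg):
    """Lowercased names from the h= tag of the first DKIM-Signature field."""
    tags = {}
    for part in (msg.get("DKIM-Signature") or "").split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip()] = "".join(value.split())  # drop folding whitespace
    return [name.lower() for name in tags.get("h", "").split(":") if name]

def assess(raw):
    """Flag duplicated singleton fields and count header instances not covered by h=."""
    msg = email.message_from_string(raw)
    counts = Counter(name.lower() for name in msg.keys())
    # Point 2, narrowed as suggested: reject only errors that readers may
    # interpret inconsistently, such as a repeated Subject field.
    duplicated = sorted(f for f in SINGLETON_FIELDS if counts[f] > 1)
    # Point 1: each name in h= covers one instance of that field, so any
    # surplus instance is content the signature says nothing about.
    covered = Counter(signed_fields(msg))
    unsigned = {f: counts[f] - covered[f] for f in counts
                if f != "dkim-signature" and counts[f] > covered[f]}
    return {"reject": bool(duplicated), "duplicated": duplicated, "unsigned": unsigned}

# Constructed sample: two Subject fields (worth rejecting) and a Message-ID
# with an extra at sign (tolerated, but not covered by the signature).
SAMPLE = (
    "DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel;\n"
    " h=from:to:subject:date; bh=PLACEHOLDER; b=PLACEHOLDER\n"
    "From: alice@example.com\n"
    "To: bob@example.net\n"
    "Subject: First subject line\n"
    "Subject: Second subject line\n"
    "Date: Mon, 1 Jan 2024 00:00:00 +0000\n"
    "Message-ID: <a@b@example.com>\n"
    "\n"
    "body\n"
)

if __name__ == "__main__":
    print(assess(SAMPLE))
```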