Comments welcome, even if it's just "I read this, looks good to me"
so that some support or consensus can be recorded.
I read it, it almost looks good to me. A VBR-Info header can list
multiple certifiers, so unless there's something I missed, the vbr
clause in the A-R header should include the name of the certifier.
I imagine that in a scoring system different certifiers would be
weighted differently, e.g., a list of spamless signers vs. a list
of signers that send a mix but it's not all spam.
The domain name being verified seems redundant since it should appear
in a previous DKIM, DK, SPF, or S-ID clause, but it doesn't hurt
anything and I suppose makes parsing easier. I'd suggest calling the
fields vbr-certifier and vbr-domain, So your example would be:
Authentication-Results: mail-router.example.net;
dkim=pass (good signature) header.d=newyork.example.com
header.b=oINEO8hg;
vbr=pass header.vbr-certifier=voucher.example.net
header.vbr-domain=newyork.example.com
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html