On 19 Apr 2011, at 17:40, John R. Levine wrote:
arrives via a list to a verifier that applies ADSP checks which fail,
the message SHOULD either be discarded (i.e. accept the message at
the [SMTP] level but discard it without delivery) or rejected by
{{ Is this describing anything different than would/should take place for
mail
that did NOT go througha list? The text seems to be describing a special
case
but in fact it isn't. It's just an ADSP failure. }}
The alternative suggestion is that if it has a sufficiently credible
signature, accept it and forget about ADSP. See above-mentioned swamp.
I guess you'd want to see evidence (signed by the credible MLM) that the
message had arrived at the list with a good signature.
So, if the list gets a message from an ADSP protected author, the list should
add a header with information to that affect, and then sign that header. If the
recipient trusts the list, then it should examine that header to check that the
original message was compliant. If not, then it should discard the message.
--
Ian Eiloart
Postmaster, University of Sussex
+44 (0) 1273 87-3148
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html