On Fri, 15 Jul 2005, Earl Hood wrote:
> > The specification says you can add comments, so saying "fail (signature
> > failed to verify)" leaves you with a basic code indicating the type of
> > failure, and the comment can be used to relay details. The comment can be
> > directly rendered by whatever agent might find such details desirable.
>
> Comments are not standardized, so generating automated reports is
> problematic, unless you standardized the comment text (which means
> you should just go with formal status codes).

I don't propose standardizing comment text. That would be silly, and I
agree that in that case we should just amend the set of formal status
codes. However, if the comment is present, it may provide useful
information when reported back to the user.

> Even SMTP defines formal codes to provide classifications of status
> along with reasons.

True, but is it comprehensive? For example, the 5xx codes don't contain
one I would use to report that the message body being rejected was
rejected because it contained a virus.
In that instance, "550 Virus 'foobar' detected" contains a rejection code
that's machine-parseable but somewhat generic as defined in RFC2822, and
then is amended by a comment string that would be useful to include in a
report back to the sender.
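
The split discussed in this thread, as an added example that is not part of the original messages or of any specification: an automated report keys only on the formal code, while the free-form comment is carried along untouched for display. It assumes the comment follows RFC 2822 header-comment rules (nesting and backslash quoted-pairs); the function names, the `pass` value and the sample strings other than the one quoted in the thread are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample values; only the second string appears in the thread.
SAMPLE = [
    "pass",
    "fail (signature failed to verify)",
    r"fail (body hash mismatch (canonicalization \(simple\)))",
]

def split_result(value):
    """Split 'code (comment)' into (code, comment or None).
    Assumption: comments may nest and may contain backslash quoted-pairs."""
    value = value.strip()
    m = re.match(r"[A-Za-z][A-Za-z0-9-]*", value)
    if not m:
        raise ValueError(f"no status code in {value!r}")
    code, rest = m.group(0).lower(), value[m.end():].lstrip()
    if not rest:
        return code, None
    if rest[0] != "(":
        raise ValueError(f"unexpected text after code: {rest!r}")
    depth, out, i = 0, [], 0
    while i < len(rest):
        ch = rest[i]
        if ch == "\\" and i + 1 < len(rest):  # quoted-pair: keep next char literally
            out.append(rest[i + 1])
            i += 2
            continue
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth == 0:  # outermost comment closed
                break
        if not (ch == "(" and depth == 1):  # drop only the outermost "("
            out.append(ch)
        i += 1
    if depth != 0 or rest[i + 1:].strip():
        raise ValueError(f"malformed comment in {value!r}")
    return code, "".join(out)

def summarize(results):
    """Count by formal code; collect comments verbatim, never parse them."""
    counts, details = Counter(), {}
    for value in results:
        code, comment = split_result(value)
        counts[code] += 1
        if comment:
            details.setdefault(code, []).append(comment)
    return counts, details
```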