Tony Hansen wrote:
A related question is what value should be put in the headerspec for
failure situations? The identity has not been verified, so there's no
value to be put into the headerspec.
Why would it change? The method still based its evaluation on something
(a header value, envelope data, "i=", or something else).
Sometimes it's the lack of something that causes the failure, not the
presence of it. And the value part is supposed to include an extracted
value; what if there *is* no such value?
I think in the cases of some kind of fatal syntax failure of the method being
applied, you simply wouldn't include an A-R header at all for that method.
Consider a message that is missing a dkim-signature header where the
policy says that the header is required; what do you put into the value
part of the headerspec?
Actually, DKIM (last I checked) said you didn't look at the policy unless the
signature failed to verify. This would therefore be another case where I just
reported no result of any kind.
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html