John Levine wrote:
I would change it to say that the sender authentication reports for
path-sensitive methods should only be added at the points where those
methods make sense, and SHOULD NOT be added elsewhere.
I imagine since this is going to be a standards track document, I'd have
to be more precise and comprehensive than that, e.g. path-based tests
SHOULD be done only at border MTAs, and client validity checks SHOULD be
done only at injection points. The crypto stuff (e.g. DKIM) can really
be done anywhere so there's no need to restrict that case. Are there
any others I'd need to include?
-MSK
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html