As mentioned by Elizabeth recently: (Elizabeth please chime in if this
doesn't capture your meaning)
the spec does not define *which* DKIM signature should be reported in
the DMARC RUA created by a receiver. The proposed resolution to this is
that if the receiver does not provide the complete set of DKIM
signatures found, they should provide (in order of preference)
1. a signature which passed DKIM in strict alignment with the From:
header domain
2. a signature which passed DKIM in relaxed alignment with the From:
header domain
3. some other signature that passed DKIM
4. some other signature that didn't pass DKIM
--Tomki
_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
