On Sat, 2006-02-11 at 18:12 +0100, Frank Ellermann wrote: > Douglas Otis wrote: > > > It seems unlikely DKIM, by itself, will offer a means to > > reduce the level of spam, which appears to the motivation > > behind aggressive rejection. > > We've STRONG DKIM and "weak" DKIM. For the former you need > a valid "originator" signature, otherwise reject is the most > sensible thing to do: Tag as suspicious and move it to some > "potential junk" folder expecting end users to wade through > it manually could degenerate into "drop", and then "reject" > is much better for legit senders.
When the signature has elapsed beyond the an expiry period, the current draft indicates the recipient MUST NOT consider the signature to be valid. This would be independent of any sender policy. When the message is within a reasonable time frame beyond the expiry time, this could be due to two causes, replay or delay. With a high level of spam, placing messages into a junk folder is likely worse than rejecting the message. If this message was a delinquent delinquency notice, for example, either full acceptance or rejection would make more sense. The recipient may wish to consider how to handle delivery periods that are perhaps too short to accommodate delays that may occur in the recipient's system. The MUST in the draft may be a bit harsh. -Doug _______________________________________________ NOTE WELL: This list operates according to http://dkim.org/ietf-list-rules.html
