On 04/06/2008 08:02, "John Levine" <[EMAIL PROTECTED]> wrote:
> What I should have said was that recipients MUST do the NXDOMAIN check > and SHOULD do the more comprehensive 2821 check. It's SHOULD since it > is my impression that many MTAs do it anyway, so there's no incremental > cost. > > This gives senders a baseline that they know receivers will do, and if > the receivers are more sceptical, that doesn't hurt the senders. +1 On 04/06/2008 10:14, "Dave Crocker" <[EMAIL PROTECTED]> wrote: > Unfortunately, it is rarely based on the rfc2822.From field. It is, > instead, typically based on rfc2821.mailfrom. > > So we need to be careful about assuming that any of these tests are likely to > be "free". In fact, one bit of feedback I got was explicit about these > additional tests as costing too much. They had tried and found they added too > much delay. Too much delay for too little benefit, most likely. That balance seems likely to change once more high-value domains sign with DKIM and use one of the strict ADSP assertions. -- J.D. Falk Return Path Work with me! http://www.returnpath.net/careers/
_______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
