On Feb 19, 2009, at 11:20 AM, Hector Santos wrote: > What is the current recommended method to establish or expose that a > DOMAIN should not be signed, is not expected to be signed and that > any DKIM supportive receiver seeing a message with a signature from > a purported domain should be rejected with full confidence? > > Will a NULL public key do the trick?
"Do Not Use DKIM" assertions are not possible. Key locations can be published within any sub-domain, however spoofing is unlikely to reference a valid public key, unless your domain permits customers to publish TXT records within one of your sub-domains. : ^( -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
