I had to reread the proposal a bit, but I think specifying clearly that these tags are for the DNS part of the DKIM record would help, just to make it crystal clear. Putting this information in the DKIM signature header is not the right place as it could lead to false reports due to fake signatures.

The proposal is to request that an email be sent when the signature fails. I would extend the proposal to send an email (at the liberty of the receiver) when the signature passes for the following conditions:

- the email contained a virus/malware/phishing
- the email was delivered in the junk folder / suppressed
- the email was flagged as spam by the receiver.

Appropriate text in the ARF report would need to match the above conditions.

I'm worried that sending an email when the signature fails could be triggered by forged emails rather than by emails that contain DKIM errors. DKIM being clearly defined, a DKIM signed email should be correct/wrong regardless of the destination. Easy to test that the DKIM signature passes on a couple of DKIM reflectors. Therefore reports due to a failed signature would indicate only forged emails. I'm not sure what information a sender gains by knowing someone is forging its signature?

----- Original Message -----
From: "Murray S. Kucherawy" <[email protected]>
To: "Franck Martin" <[email protected]>, [email protected]
Sent: Monday, 15 June, 2009 12:06:04 PM GMT +01:00 Amsterdam / Berlin / Bern / Rome / Stockholm / Vienna
Subject: RE: [ietf-dkim] General Feedback loop using DKIM

There's a draft proposal out to add a new tag to keys for doing this. See draft-kucherawy-dkim-reporting.

From: [email protected] [mailto:[email protected]] On Behalf Of Franck Martin
Sent: Thursday, June 11, 2009 6:04 AM
To: [email protected]
Subject: Re: [ietf-dkim] General Feedback loop using DKIM

Reviewing the discussion a bit, I see a technical solution would be to use the n: tag of the DKIM signature to indicate where ARF reports should be sent if the receiver wants to do that. So the n: tag in the DNS could contain something like {fbl:[email protected]}, this would give a hint that the sender is processing FBL and where ARF reports should be sent. […]

_______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
