On Sunday, January 29, 2012 08:18:33 PM Murray S. Kucherawy wrote: > I think it's prudent for us to add two more report types for both ADSP and > DKIM: "p", meaning the DKIM or ADSP test failed for local policy reasons, > and "o", meaning there was a problem with DKIM or ADSP that was something > other than the report types already listed. > > DKIM in particular can be presented a perfectly valid DKIM signature that > verifies, but the verifier could decide it doesn't want to accept the > signature anyway for policy reasons, including (real use cases here) > Subject: wasn't signed, or "l=" didn't cover enough of the message > percentage-wise. The existing report requests don't cover those. > > I don't know if there's an SPF equivalent for "p", but I suspect adding the > "o" case would be a good idea.
"p" is embedded in SPF already. If the SPF result is fail and you are rejecting due to SPF, it's by definition a policy issue. I would suggest that "o" isn't needed for SPF since we've already covered the spectrum of reasons for an SPF related rejection and so if one is rejecting a mail due to some other reason, it's not an SPF auth failure that's causing the rejection, it's another type of policy of some kind (e.g. passes SPF, but it's a known spammer domain, so reject the mail isn't an SPF issue). Scott K _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
