On 3/7/23 2:46 PM, Jim Fenton wrote:
Section 3.4:
I would always expect an inbound filtering service to do SPF/DKIM
checks and apply an Authentication-Results header field with the
result. Are there any that don’t?
I don't think we should count on Auth-res being there or not. As I
mentioned previously, there is a wealth of possible meta information
produced in the act of verification that is not necessarily transported
by the Auth-res header. Frankly, I'm not sure why Auth-res needs to be
brought up at all -- by the time it is applied, it has already fallen
into the black box of the receiver of which we know little about.
Mike
_______________________________________________
Ietf-dkim mailing list
Ietf-dkim@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-dkim
