> In the real world signature reliability matters. If a domain signs mail
> as a rule then an absent or broken signature will be treated as
> suspicious.

I hope you're wrong, since that violates an explicit SHOULD in RFC 4871, and in my experience, most broken signatures are due to innocent modification in transit, not malice.

Do you have numbers to show that broken signatures indicate that messages are malicious, or spam, or otherwise worse than otherwise?

For that matter, since we're not talking about ADSP, what do you mean by an absent signature? Do you track which domains sign what mail? How do you tell what signature you're expecting? From line domain? Sender? Message ID? Something in the Received lines?

Regards,
John Levine, jo...@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. http://jl.ly