Alex:
So ultimately who's at fault here for causing this to fail? AOL? What
should have been done to prevent it?
it depends who generate the DSN.
- AOL?
-> then they should DKIM sign their own message.
- an AOL customer sending on behalf of his own AOL address via AOL
infrastructure?
-> then AOL should DKIM sign the message. They autenticate the
customer and authorize the submission
- a third party?
-> submission is not authorized to use aol.com as RFC5322.From.
-> AOL suggest to reject the message (DMARC Policy p=reject)
Andreas