[opendkim-dev] On-KeyNotFound option

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: SM <sm_at_resistor.net>
Date: Wed, 26 Aug 2009 12:33:46 -0700

Hello,

Murray introduced a new option called "On-KeyNotFound". That option
is to accept messages if the public key cannot be retrieved due to a
DNS NXDOMAIN. There are two or more cases for a "nokey":

  (i) the key retrieval failed due to a DNS NXDOMAIN
  (ii) the DNS RR was retrieved by there isn't any key in there
  (iii) An incorrect RR was returned due to DNS wildcards

I'll elaborate on a different case. Let's say I take one of your
DKIM-Signature headers, change the selector and append it to a
message. Is that a bad signature or a DNS "error"?

Regards,
-sm
Received on Wed Aug 26 2009 - 19:34:07 PST

This archive was generated by hypermail 2.3.0 : Mon Oct 29 2012 - 23:32:29 PST