[opendkim-dev] Re: On-KeyNotFound option
> -----Original Message-----
> From: opendkim-dev-bounce_at_lists.opendkim.org [mailto:opendkim-dev-
> bounce_at_lists.opendkim.org] On Behalf Of SM
> Sent: Wednesday, August 26, 2009 12:34 PM
> To: opendkim-dev_at_lists.opendkim.org
> Subject: [opendkim-dev] On-KeyNotFound option
>
> [...]
>
> I'll elaborate on a different case. Let's say I take one of your
> DKIM-Signature headers, change the selector and append it to a
> message. Is that a bad signature or a DNS "error"?
I've so far opted to respond to those by temp-failing (by default) in case a signed message gets to a verifier before the DNS update happens. Negative caching eventually expires, allowing the message to verify later once correct propagation has occurred.
Received on Wed Aug 26 2009 - 20:24:55 PST
This archive was generated by hypermail 2.3.0
: Mon Oct 29 2012 - 23:32:29 PST