[mail-vet-discuss] Auth-Results issue #4 method=value values
Murray S. Kucherawy
msk at sendmail.com
Wed Apr 19 16:08:06 PDT 2006
Tony Hansen wrote:
>>>A related question is what value should be put in the headerspec for
>>>failure situations? The identity has not been verified, so there's no
>>>value to be put into the headerspec.
>>Why would it change? The method still based its evaluation on something
>>(a header value, envelope data, "i=", or something else).
> Sometimes it's the lack of something that causes the failure, not the
> presence of it. And the value part is supposed to include an extracted
> value; what if there *is* no such value?
I think in the cases of some kind of fatal syntax failure of the method being
applied, you simply wouldn't include an A-R header at all for that method.
> Consider a message that is missing a dkim-signature header where the
> policy says that the header is required; what do you put into the value
> part of the headerspec?
Actually, DKIM (last I checked) said you didn't look at the policy unless the
signature failed to verify. This would therefore be another case where I just
reported no result of any kind.
More information about the mail-vet-discuss