robw24
asked on
What should be done with incoming emails that fail DKIM verification?
Is it wrong to block emails that fail DKIM verification?
ASKER
Sorry, I don't think I understand what you mean. If you mean that by blocking emails that fail DKIM verification will block legitimate emails that do not use DKIM, then that is absolutely false. If an incoming email is not signed (not using DKIM) then it is impossible to fail DKIM verification. Only emails that implement DKIM (are digitally signed) have DKIM verification performed. Thus if DKIM verification is not performed then it cannot fail. My question is that if an incoming email USES DKIM SIGNING and subsequently fails DKIM verification then should it be blocked.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
DKIM Frequently Asked Questions
http://dkim.org/info/dkim-faq.html
I'd say that automatically failing them will only guarantee the delivery of messages that are sent by DKIM participants. That is by no means every legitimate email user who may want to send you email.