Comment 2 for bug 2018646

I need to think about this one.

I agree with the specific point that dns isn't imported, so that's a bug.

I'm not sure I agree with your proposed patch though. dns.resolver.NoNameservers is indicative of a configuration problem at the verifier, so I'm not convinced dkimpy should just treat it the same as no response.

Imagine a case where your server's DNS configuration was completely broken so there really were no name servers available. I'm not certain the desired behavior would be to silently claim every DKIM verification failed.

A SERVFAIL for a TXT record is pretty unusual unless the DNS server in question is broken. Does the <redacted> domain still get a SERVFAIL from Google if you query it? If so, would you please pass the domain name in question to me privately so that I can investigate further.

I think it might be better to treat it as a timeout since that at least is a DNS related error condition.

I'm open to additional input on this if you or anyone else has thoughts on the matter.