If an entity that receives an incident report has a suggested solution to the problem, it MAY send an incident message containing a <suggestion/> element.
- Further definition of the <suggestion/> element will be provided in a future version of this specification.
+
+ Unless explicitly configured to do so, a receiving server SHOULD NOT automatically modify its configuration based on receipt of an incident report, even from a trusted server, but instead SHOULD prompt the human administrator(s) so that they can take appropriate action.
+ A receiving server MAY accept incident reports from peers that are not on its "trust list", but SHOULD treat such reports with caution and provide them to the human administrator(s) of the server.
+ A receiving server MAY forward reports that it receives to other servers it trusts