A submission server might be in a good position to sign a message on behalf of
the submitter, but it seems awkward at best to expect a submission server to
distinguish between original messages and re-sent messages.
Which implies that you think that it's impossible to implement your tag in
a normal DKIM deployment.
I am not sure we share the same idea of "normal DKIM deployment".
I think that authors that want to protect their reputations can arrange
for their messages to have DKIM authorship signatures, and also
advertise (say via DNS) that their messages will have such signatures.
Whether this is done via an MUA, or via a special submission server, or
whatever, is up to the author.
I also think that submission servers can sign their messages in such a
way as to be traceable to who (re)submitted the message (based on the
authenticated ID) and to identify to whom the message was sent.
Keith
_______________________________________________
ietf-dkim mailing list
http://dkim.org