Adding and removing Authentication-Results is probably the most common
modification. Removing header garbage may also be fairly popular, dunno.
Why do you think it's bad?
Adding A-R is fine. Messing with the message otherwise is more help than
I want from DKIM.
At any rate, the paragraph I was referring to is
The verifier MAY treat unsigned header fields with extreme
skepticism, including marking them as untrusted or even deleting them
before display to the end user.
That's an example of the bad advice that I think we should drop from
4871bis. It does nothing to improve robustness or interoperability, just
offers unsolicited advice to MUA developers.
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet
for Dummies",
Please consider the environment before reading this e-mail. http://jl.ly
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html