On second thought, wouldn't the MX for an address *be* a border MTA and thus
part of the intended recipient's administrative domain?
Yeah. That's the place where the message hops from the senders's network
to the recipient's network.
An intermediate MX could do any authentication it wants, but any A-R header
it adds is not desirable by the receiving domain anyway.
Sorry, that's just wrong. My wife has an address at cornell.edu which
forwards to an address here. Since I know the path that the mail takes
from Cornell to here, if Cornell added a header and the message arrived
via the known path, their header would be quite useful even though the
message subsequently made an MX hop to get here. Ditto for my addresses
at acm.org, ieee.org, etc. For SPF and other path authentication, an A-R
from the previous MX would be greatly preferable to the alternative of
parsing Received: headers.
Regards,
John Levine, johnl(_at_)iecc(_dot_)com, Primary Perpetrator of "The Internet for
Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor
"More Wiener schnitzel, please", said Tom, revealingly.
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html