Agreed. I would like it to say something like a host SHOULD remove
A-R headers with names in its own domain that were applied outside its
trust boundary. But it should leave A-R headers for other domains
alone.
I really don't think this rises to SHOULD. Most MUA filters, for
example, aren't terribly complicated so I'd be pretty worried as an
admin that users using that might get confused if there were more
than one to choose from.
Um, aren't we speculating about vaporware here?
If you're planning to use the existing text pattern matching in MUAs,
since they don't have access to a reputation database, the best you can
do is to put in whitelists for known friends and blacklists for failures
on domains like paypal. I don't see that adding in the name of a verifier
into the pattern to match would tax MUA more than now. On the other hand,
if we expect to upgrade the MUA to consult reputation databases, then it
can clearly do whatever you want.
Deciding to strip it as a matter of policy seems like a pretty
reasonable thing since it has the potential to cause grief.
As I said in my previous message, stripping other people's A-R headers
removes valuable functionality. Is it really a good idea to do that
just because you're worried that yet-to-be-written software might
screw up?
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html