John,
Except that breaks an actual use case. I have a bunch of mail
addresses other places that forward mail to my regular address. The
forwarders are all easy to recognize due to fixed IP addresses and
consistent received header syntax. The AR headers that the forwarders
add would be quite useful to me, and I really don't want to have to go
patching my MTA to tell it what users expect mail forwarded from what
places in order to get to look at them.
To start with, while perhaps SPs would, as an enterprise administrator I
won't care about this use case. My concern will be more how my clients
actually figure out who to trust and I want them to only trust my border
MTAs, and I want no ambiguity about it. Further, if I'm stripping I am
adding my own, and for some time to come that is likely to mean that I
am applying the same algorithms that your forwarders would have
applied. As long as your forwarders don't break signatures you should
be good. I could see a use case for SPF where the check will fail
because the forwarder isn't in the list, but then I have to weigh that
against the MASSIVE hole that opens up that would make SPF useless.
Eliot
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html