John L wrote:
Surely you're not advocating a MUST NOT strip, or even a SHOULD NOT
strip. The third parties can sign after all and then you'd just trust
them directly.
Why, yes indeed, I'm advocating SHOULD NOT strip. Surely you haven't
forgotten that this is supposed to work with SPF and Sender-ID, where
forwarders can't sign without munging the message. Even if the
forwarders do sign, that doesn't tell us anything about the status of
the message when it arrived at the forwarder which is useful for spam
forensics.
Version 08 of the draft is now available via www.ietf.org. It's still a
MUST to delete this header if it claims to come within your domain, but
other deletions are unspecified and thus up to the receiver's
implementation/configuration.
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html