> This language works well for me. Excellent; thanks.
> I suggest adding some language about why MTAs should not rearrange message > headers or MIME > sections, even though earlier documents grant permission to do so. > > Additionally, when adding headers, an MTA must add them at the top if (a) the > header type is > included in any verifiable signature, (b) the header is officially labelled a > trace header, or (c) the > MTA chooses not to match the added header type to existing signatures (ARC or > DKIM) If you're talking about something related to the sending domain not doing that after DKIM signing, we could say that as part of the "use DKIM and do it correctly" part. If you're talking about MTAs further along the path, that's out of scope here, at least in a normative sense. We could say, informatively, that those practices break DKIM signatures and thus hurt DMARC. But we can't place normative requirements on MTAs that are not implementing DMARC. Barry _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc