>> You'd need to configure it to tell which authids to accept, perhaps >> defaulting to the host name of the machine SA is running on since >> that's a likely default for the authid. > >Agreed. I think it would also - at the trust boundary - need a filter before >the DKIM/SPF verifier that adds the Authentication-Results: header. Its job >would be to remove any Authentication-Results: that claim to belong to ones >own ADMD.
You might want to reread section 5 of RFC 5451. That's already in the A-R spec. R's, John
