Perhaps consider changing the default of AlwaysAddARHeader to enabled #242
Description
I've been part of multiple discussions now on the client-side to evaluate AuthenticationResults headers. This may be desirable for mail accounts where the SMTP server fully rejecting any DKIM failed mail or always moving it to spam is impractical, e.g. due to the many misconfigured mailing lists.
It seems this can become way more complicated with spoofed AuthenticationResults headers, if the own target MTA only sporadically inserts unspoofed ones.
See: https://bugzilla.mozilla.org/show_bug.cgi?id=265226 or this comment lieser/dkim_verifier#465 (comment)
Most providers I've tested only sporadically insert AuthenticationResults, and I suspect it might be because they run OpenDKIM with default settings.
Therefore, I wonder if the AlwaysAddARHeader default should be changed.
Of course I realize this is a huge change and I might be missing something here anyway.