Forwarders that break DKIM signatures usually do so by modifying email content as email transits through the forwarder. These forwarders are detected by the reported presence of signatures.
If the forwarder can be identified and contacted, the forwarder can sometimes change their behavior to preserve DKIM signatures. However, it is possible that the forwarder is in fact spoofing DKIM signatures in an attempt to fool naive receivers.
When deploying DMARC, domain owners often find that email can flow through forwarders before arriving at a final destination.
Domain owners then wonder if the forwarder is capable of interoperating with DMARC.
This directory contains information on the capabilities of various email forwarders.