meta tag, UTM and all that all assume you control the page on the referring site (as I say, in our case, this is .gov and we don't).
There's nothing you can do on your end to sort this out except go https. That's the real solution. Once you got https, all your referral traffic comes back because the protocols do allow sending referrer data between secure sites. I don't see how that meta tag gets around that problem - it effectively breaks the https protocol.