In my testing with Cisco ASA data, I don't see much of a difference with useACK on or off. I get about 12.5 MB/s on modest hardware with useACK enabled and maybe 5% better with useACK disabled. That's with a Universal Forwarder and indexer both running 6.4.0 on separate RHEL7 VMs. Those VMs each have 8 2GHz cores from a Xeon E7-4850 and I'm almost certain that I would need a faster CPU to get more throughput out of them. The indexer is using between 4-5 cores in this configuration which I believe is essentially its maximum with a single indexing pipeline. The forwarder uses a tiny fraction of a core.

You mentioned that the maxKBps limit is uncapped which implies that you're using a Universal Forwarder. That's good; there might be a way to tune a heavy forwarder to match the throughput of a UF, but all I've seen is slower forwarding and higher CPU cost on the indexer and forwarder. I've also observed a big speed penalty when using SSL on a heavy forwarder.

My guess is that if you're using a UF and can't get better than about 6 MB/s, there's something about your data that's limiting the throughput and it's spending too long in other queues before it hits the indexing queue. Props tuning might help; I personally like the visual on slide 13 from this .conf presentation: https://conf.splunk.com/session/2014/conf2014_DritanBitincka_Splunk_UsingTrack.pdf

All of that said, if there's no simple optimization available and you're on at least 6.3, maybe enabling multiple pipeline (http://docs.splunk.com/Documentation/Splunk/6.4.3/Indexer/Pipelinesets) will get you what you need. The catch is that if you're currently reading a single file you'll need to find a way to break it up into at least 2 separate files to boost your performance. You'll also end up using more cores but it sounds like you have them.

Hope this helps! Good luck!