Auteur: Tom Crane Date: À: Jeremy Harris via Exim-users CC: Tom Crane Sujet: Re: [exim] ARC signing and verification
On Wed, 22 Apr 2020, Jeremy Harris via Exim-users wrote:
> On 22/04/2020 20:10, Tom Crane via Exim-users wrote:
>> Now I get "ARC: no Authentication-Results header for signing" logs for
>> each email processed in /var/log/exim/main.log and no emails get any
>> ARC-* header fields added or an added "Authentication-Results:" field.
>>
>> From the experimental-spec.txt file,
>> Caveats:
>> * There must be an Authentication-Results header, presumably added
>> by an ACL
>> while receiving the message, for the same ADMD, for arc_sign to
>> succeed.
>> This requires careful coordination between inbound and outbound
>> logic.
>>
>> Is this the reason I get no ARC-* header added?
>
> Yes
>
>> If so why is the above
>> add_header statement not doing so?
>
> Did your test mail go through that ACL? Did the logwrite show in the
> log?
No. I found I was missing a 'acl_smtp_data = acl_check_data' statement so
those ACLs were not being referenced. After adding it and fixing a few
syntax errors I am now getting an Authentication-Results: header added to
the top of the message containing the server's FQDN and "arc=none".
The corresponding exim logs always show "ARC_state: <none> condition =
logwrite = reason: <>".
I tried various variations of the 'warn verify = arc/pass:none:fail'
statement but none made any difference in the logwrite statement output.