Author: Jim Fenton Date: To: exim-users Subject: Re: [exim] Adding authentication-results header field only locally
On 9/18/20 5:09 PM, Jeremy Harris via Exim-users wrote: > On 17/09/2020 23:30, Jim Fenton via Exim-users wrote:
>> So instead I have tried putting into my mail_spool transport:
>>
>> headers_add = ${authresults {$primary_hostname}}
>>
>> but I'm not seeing the header field in locally-delivered messages (yes,
>> I am using mail_spool local delivery). Is this the wrong approach?
> It's not one I'd considered. My assumption was that since
> one does authentication in the various ways as Exim accepts
> the message, that was when the results would be recorded.
> Obviously I wasn't thinking hard enough.
>
> I think it will mostly, but not quite all, work.
> Bits of the ARC info, for example, I think will not.
> Basically, all the items that are made
> available as exim variables will be ok (because they get
> passed along with the message even in spool files).
> Other info will not.
>
> [ you're going to really confuse me, using a transport called
> "mail_spool". What are you really trying to do? ]
I hadn't realized, but apparently the mail_spool transport is part of
the config that's distributed with Debian, and not a generic Exim4
thing. Basically what I'm trying to do is get all locally delivered mail
to have the Authentication-results header field added, but not messages
sent externally (external domains should do their own email
authentication anyway, and I don't want to pollute outgoing messages
with non-useful stuff).
I discovered that the message wasn't actually going to the mail_spool
transport anyway, because I have a .procmailrc file. The procmail router
in my config sends it to a different transport, procmail_pipe, in that
case. So I had the headers_add in the wrong place.
>
> You could, in acl, plonk the header string into a variable
> which this one transport then used to add it as a header.
With it in the right transport (or the right router), it does add the
authentication-results header field, but without the DKIM info. This
suggestion will help with that. But I still have the problem that I want
to put the new header field at the beginning, not the end, of the
header. The ":at_start:" thing works for add_header in ACLs, but not for
headers_add in routers or transports. I'm not sure how to fix that.
Related question: when a router does a headers_add, does it only do that
if that router accepts? Or does the header field get added when a
subsequent router accepts? If the former, I need to add the header field
in several local-ish routers.