On Mon, 6 Nov 2023, Sebastian Nielsen via Exim-users wrote:
> Yes you can do this:
>
> In acl_rcpt:
>
> warn
> domains = <YOURDOMAIN>
> remove_header = dkim-signature
> remove_header = arc-seal
> remove_header = arc-authentication-results
> remove_header = arc-message-signature
> It will also dump any DKIM or ARC signatures from original sender,
> instead you sign mail yourself.
Why do you remove ARC signatures ?
I thought the aim of ARC was to preserve and authenticate
some of the header info when messages are forwarded, perhaps more than once ?
> A forwarded email as this, with forwarded_user having a forward to "somewhere@???" will become:
>
> MAIL FROM: youruser@???
> RCPT TO: forwarded_user@???
>
> From: youruser@???
> To: forwarded_user@???
>
>
> Will become:
>
> MAIL FROM: forwarded_user@???
> RCPT TO: somewhere@???
>
> From: forwarded_user@???
> To: somewhere@???
> Reply-To: youruser@???
>
>
> (If Reply-To on sending mail is already set, it will not be replaced).
That might help the message reach the mailbox, but the recipiient will
have to look harder to see who the message claims to have been
originally sent by.
Note. This example is confusing; was the original sender (assuming all
is trustworthy) youruser@??? ? A clearer example would have had
MAIL FROM: random.person@???
RCPT TO: my.user@???
--
Andrew C. Aitchison Kendal, UK
andrew@???
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/