[exim] Re: ARC: How to verify OUTBOUND arc signing for local…

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Bill Cole
Fecha:  
A: Larry Rosenman via Exim-users
Asunto: [exim] Re: ARC: How to verify OUTBOUND arc signing for locally generated messages
On 2024-02-08 at 19:07:16 UTC-0500 (Thu, 08 Feb 2024 18:07:16 -0600)
Larry Rosenman via Exim-users <ler@???>
is rumored to have said:

> I want to verify that the arc signing is happening for my outbound
> mail.


It mostly shouldn't be happening.

> I see an "exim 38801 - - 1rYEEa-00000000A4g-1GSd ARC: no
> Authentication-Results header for signing'
> this was mail sent directly to this host and authenticated.


Normal.

> Should I add an Authentication-Results header for mail coming in via
> 587?


NO.

> Or am I misusing/abusing ARC?


That.

ARC is for forwarding systems. It is intended to protect forwarded mail
from looking like forged mail. The ARC header asserts that when the
message arrived, the SPF and DKIM mechanisms scored a particular way. As
neither SPF or DKIM is relevant for initial mail submission, there's
nothing for ARC to do when it gets a message that has no pre-existing
DKIM signature from an authenticated client via port 587 or 465.



--
Bill Cole
bill@??? or billcole@???
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/