Closed wioxjk closed 6 years ago
I am not using ARC at the moment myself unfortunately, if you could share some passing and failing headers that would be helpfull. Thanks.
Btw, for the moment it looks like we would only need to add 'arc'
to $RFC5451_authentication_methods
.
Successful auth
ARC-Authentication-Results: i=3; hashmal.selea.se; dkim=pass (1024-bit key) header.d=webadmin8.net
Failed auth:
arc=fail (signature failed);
I think that it is everything, I can gladly help with testing :)
Is there really a need to check the ARC-Authentication-Results
header as well? If I check the headers in issue 66 at https://github.com/trusteddomainproject/OpenARC there is also a arc=(pass|fail)
statement added to the Authentication-Results
header:
Authentication-Results: mx.google.com;
dkim=pass header.i=@heteigenwijsje.nl header.s=dkim header.b=o/sOgCmP;
arc=fail (signature failed);
spf=pass (google.com: domain of <PRIVATE>@heteigenwijsje.nl designates 80.127.116.100 as permitted sender) smtp.mailfrom=<PRIVATE>@heteigenwijsje.nl;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=heteigenwijsje.nl
Or does that maybe depend on the ARC milter/proxy used?
OpenARC does seems to have a arc=(pass|fail)
statement, as you say. Passing only that would probably be enough.
The reason why I posted all of it is because I want to provide all the information :)
I have added de arc authentication method, could you check if this work for you before I release a new version? Thanks :)
Did some tests:
I think that this works as it should!
Thanks for letting me know, just pushed a new release with this change :+1:
Is there any plans for verifying ARC headers?