search

trusteddomainproject / OpenARC

Open source ARC implementation
BSD 2-Clause "Simplified" License
135 stars 45 forks source link

Do not add Authentication-Results header when no ARC chain is present #146

Open glts opened 3 years ago

glts commented 3 years ago

When a message does not have any ARC headers and so provides no ARC status information (usually, most messages), OpenARC will still always add a header:

Authentication-Results: mail.example.com; arc=none smtp.remote-ip=1.2.3.4

Please consider if the Authentication-Results header might not best be omitted in such cases.

Compare with OpenDKIM, which by default does not add an Authentication-Results header when no DKIM signature is present. See also OpenDKIM's AlwaysAddARHeader parameter.

This is more of a question or suggestion than a feature request.

xvybihal commented 1 year ago

Any thoughts on this? I really dislike that the IP is leaked via smtp.remote-ip and would welcome if it could be not added.