Should I be using this?

[tuaris]

I need a way to validate and add ARC signatures. I know this software will do that, but I am confused if this the recommended solution or if it has been superseded by something else. I see no mention of it at http://www.trusteddomain.org.

[glts]

OpenARC is experimental, and apparently no longer developed.

It can be made to work after applying a few patches, though, and I have used the experimental Debian package for a bit to validate ARC signatures. Then, I lost interest in ARC.

You can find several milters that implement ARC by searching online for ‘email authentication milter’, ‘arc milter’, and similar. I don’t believe there is a canonical replacement.

Maybe you’ll get an official statement later – I’m not involved with this project.

[wioxjk]

I personally, ended up deploying the authentication_milter by fastmail instead (https://github.com/fastmail/authentication_milter) of this. OpenARC was dead, and was clearly in alpha-stage.

[xpunkt]

wioxjk skrev den 2022-09-10 20:10:

I personally, ended up deploying the authentication_milter by fastmail instead (https://github.com/fastmail/authentication_milter) of this. OpenARC was dead, and was clearly in alpha-stage.

just like rspamd, seeing forward to spamassassin v4 clears all mess up

all trusteddomain projects need patches to follow all rfcs now, even if this happen it is not safe that it wont break on trustness, it was a good long test, but ended badly on trustness, openarc is nothing worth if sealer is untrusted, and if opendmarc does not trust the sealer, then we are back to trust dkim or not

imho biggest problem is mailman and combo of SRS+SPF breaks forwarding trustness, we would be better without SRS in that regard then trust forged envelope senders

above milter is nice, but not in gentoo portage still, i have tryed make it, but dependice was unstable for me to build on