already running 0.52. Is there a newer one somewhere that I don't know
about?
On Wed, Apr 18, 2018 at 6:14 PM, Thomas Eckardt <thomas.ecka...@thockar.com>
wrote:
> update Mail::DKIM to the latest version and the signatures will be
> formated right.
>
> Thomas
>
>
>
>
>
> Von: "K Post" <nntp.p...@gmail.com>
> An: "ASSP development mailing list" <assp-test@lists.sourceforge.
> net>
> Datum: 18.04.2018 17:52
> Betreff: Re: [Assp-test] genArc testing
> ------------------------------
>
>
>
> OK, real example:
> our assp machine name is *assp.OurCharity.org*
> <http://assp.ourcharity.org/>
> most users have <whatever>@OurCharity.org email addresses and DKIM signing
> works for @OurCharity.org mails.
> I do NOT have dkim setup for *assp.ourcharity.org*
> <http://assp.ourcharity.org/>, I certainly could, but no users send with
> that address.
>
> I assumed that putting OurCharity.org into ARCSigningHost would have ASSP
> ARC sign all inbound mail using the DKIM signature key info for
> OurCharity.org found in the dkim config file, but that isn't happening.
> Doesn't this qualify as a fully qualified host name too? Are you saying I
> must have a *someting.OurCharity.org* <http://someting.ourcharity.org/>
> for this vs just the root domain even though just OurCharity.org is
> otherwise valid and able to sign?
>
> On outgoing, I do see our ARC signatures. Very cool. And when I sent a
> test to gmail, it puts its own signature as i=2. That's great. It'll be
> interesting to see what comes next in terms of a arc equivalent of
> senderbase, where trusted forwarders is a list that someone else can
> maintain!
>
> Very minor: I know it's legal to have spaces in DKIM / ARC, but in gmail
> at least, it seems like our signature lines are really long and have spaces
> after some of the entries like h= d= etc. Also of note, gmail's arc
> signatures are nicely formatted, multiple lines indented, broken every 80
> chars or so. ASSP's are very long lines, not indented. If my test gmail
> account forwards a message back to me, the original signatures do show up
> "pretty" formatted and indented in ASSP, but still with the breaks after t=
> in the seal and d= in the signature. I wonder if this is something with
> line breaks windows vs unix or something. I know that none of this
> matters, but thought you'd want to know what I noticed in terms of
> aesthetics.
>
>
>
>
>
>
> On Wed, Apr 18, 2018 at 4:46 AM, Thomas Eckardt <
> *thomas.ecka...@thockar.com* <thomas.ecka...@thockar.com>> wrote:
> >ARCsigningHost set to the primary domain we use
>
> There is a big difference between an domain name and a hostname (full
> qualified host name)!
>
> The parameter is ARCsigning*Host* NOT ARCsigningDomain
>
> ...
> The signing domain is parsed from the senders address (header From: or
> Sender:) in outgoing mails - and this value (or myName) in incoming mails.
>
> >I'm not sure why the "the signing domain is parsed from the sender's
> address...." part is here.
>
> ASSP may be used for more than one local domain.
>
> >This configuration is just for incoming mail,
>
> ...
> If selected, ASSP will add Authenticated Received Chain (ARC) signatures
> to *all* messages,
>
>
> Thomas
>
>
>
>
>
>
> Von: "K Post" <*nntp.p...@gmail.com* <nntp.p...@gmail.com>>
> An: "ASSP development mailing list" <
> *assp-test@lists.sourceforge.net* <assp-test@lists.sourceforge.net>>
> Datum: 17.04.2018 23:45
> Betreff: [Assp-test] genArc testing
> ------------------------------
>
>
>
>
> Absolutely not not critical, but my tests for genARC in 18107 doesn't seem
> to do anything.
>
> genARC checked
> ARCsigningHost set to the primary domain we use
> No changes to DKIMgenConfig made since DKIM signing for our outgoing
> messages from our main domain works fine.
>
> I'd expect to see ARC signatures on all of the incoming mail, but I see
> nothing in the headers. Any debugging flags I can set to see why not?
>
> Is genARC only active when mail is actually "relayed" as the GUI suggests,
> as in only mail that comes through the relay port? if that's the case, the
> rest of this email is moot. If not, maybe change the language to say
> "incoming mail' vs relayed?
>
> The tests I did is from external hosts which dkim sign their mail, but if
> I understand correctly ARC should be added by ASSP even if there's no
> incoming DKIM sig. All perl modules show up to date (except
> for Archive::Libarchive::XS(libarchive-version) which you said was
> okay). ARC is essentially just saying what our DKIM/SPF results were. If
> the mail is ultimately forwarded elsewhere, it's up to the other server to
> decide if it wants to honor what we're saying. (right?)
>
> Also, a suggestion, the description of genARC is currently:
> If selected, ASSP will add Authenticated Received Chain (ARC) signatures
> to all messages, if it finds a valid DKIM configuration in DKIMgenConfig
> for the sending domain. This will also be done for noprocessing mails. If
> available, the check results for SPF, DKIM and DMARC will be provided in
> the generated ARC-signature. This requires an installed Mail::DKIM module
> in PERL.
>
> I think this should be
> If selected, ASSP will add Authenticated Received Chain (ARC) signatures
> to all messages provided it finds a valid DKIM configuration in
> DKIMgenConfig for ARCSigningHost (or myName if ARCsSigningHost is blank).
> This will also be done for noprocessing mails. If available, the check
> results for SPF, DKIM and DMARC will be provided in the generated
> ARC-signature. This requires an installed Mail::DKIM module in PERL.
>
>
> ARCSigningHost is described as:
> The full qualified host name to be used for Authenticated Received Chain
> (ARC) signing. If not defined, myName is used. The signing domain is parsed
> from the senders address (header From: or Sender:) in outgoing mails - and
> this value (or myName) in incoming mails.
>
> I'm not sure why the "the signing domain is parsed from the sender's
> address...." part is here. This configuration is just for incoming mail,
> I'd leave out stuff about outgoing mail signing (sounds like DKIM to me not
> ARC)
>
> It'll be interesting to see how quickly ARC is implemented elsewhere.
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! *http://sdm.link/slashdot*
> <http://sdm.link/slashdot>
> _______________________________________________
> Assp-test mailing list
> *Assp-test@lists.sourceforge.net* <Assp-test@lists.sourceforge.net>
> *https://lists.sourceforge.net/lists/listinfo/assp-test*
> <https://lists.sourceforge.net/lists/listinfo/assp-test>
>
>
>
>
>
> DISCLAIMER:
> *******************************************************
> This email and any files transmitted with it may be confidential, legally
> privileged and protected in law and are intended solely for the use of the
> individual to whom it is addressed.
> This email was multiple times scanned for viruses. There should be no
> known virus in this email!
> *******************************************************
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! *http://sdm.link/slashdot*
> <http://sdm.link/slashdot>
> _______________________________________________
> Assp-test mailing list
> *Assp-test@lists.sourceforge.net* <Assp-test@lists.sourceforge.net>
> *https://lists.sourceforge.net/lists/listinfo/assp-test*
> <https://lists.sourceforge.net/lists/listinfo/assp-test>
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Assp-test mailing list
> Assp-test@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/assp-test
>
>
>
>
>
> DISCLAIMER:
> *******************************************************
> This email and any files transmitted with it may be confidential, legally
> privileged and protected in law and are intended solely for the use of the
> individual to whom it is addressed.
> This email was multiple times scanned for viruses. There should be no
> known virus in this email!
> *******************************************************
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Assp-test mailing list
> Assp-test@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/assp-test
>
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
