ARC is very new. The draft was published in Oct 2015 and will expire at
18. April 2016. Some large providers (google ....) are just testing it.
There is still no Perl implemetation available, But Mail::DKIM with
several extensions may do the tick.
Let's see how this is going on. If ARC becomes a standard, several other
signature check RFC's have to be updated (DKIM, DMARC).
>or is it just for mailing list software?
It adrresses an DKIM issue for mailing lists.This email is sent by me
including a DKIM-signature - the mailing list provider has to modify the
mail according our mailing list settings in mail-man at SF and so the
DKIM-signature becomes invalid, if sourceforge sends it to the list
members. For this reason, SF removes the DKIM signature from the mail.
SF validates the signature and spamassassin provides this result in there
header lines, but there is no draft, to tell the members, that the origin
mail from me was SPF valid and DKIM valid.
ARC provides a mechanism to solve this 'problem'. But IMHO - this is not
needed, because SF forwards only verified mails from verfied members to
known members.
ARC is nice, but it leads in to a new problem. It adds up to three new,
more or less large signature header lines on each host in chain that
supports it. In addition to possibly multiple included DKIM-signatures, MS
headers, assp headers, spamassassin headers, mailing list headers .......
, this will result some times in oversized headers.
For example - the mail chain:
me -> my mailserver(ARC + DKIM) ->my ASSP(ARC + DKIM) -> SF(ARC) -> your
google(ARC) -> your ISP(ARC) -> your ASSP(ARC check and possibly add) ->
your mail server
Now assume, you are in vacation and your mailserver forwards the mail to
your hotmail account. Yes, I know, this chain is a wild construct - but it
is possible.
Currently I don't see a future of ARC - but may be I'm wrong. If ARC
becomes a standard, assp will support it in future.
Thomas
Von: James Brown <[email protected]>
An: ASSP development mailing list <[email protected]>
Datum: 11.03.2016 06:24
Betreff: [Assp-test] ARC (Authenticated Received Chain) & ASSP
Hi Thomas,
just wondering if there is anything that ASSP needs to do to support this,
or is it just for mailing list software?
ARC Specification for Email <http://arc-spec.org/>
draft-jones-arc-usage-00 - Recommended Usage of the Authenticated Received
Chain (ARC) <https://tools.ietf.org/html/draft-jones-arc-usage-00>
Two ARC Implementations Tested At Interoperability Event – <
https://dmarc.org/2016/03/two-arc-implementations-tested-at-interoperability-event/
>dmarc.org <http://dmarc.org/>
Thanks,
James.------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785111&iu=/4140
_______________________________________________
Assp-test mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-test
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785111&iu=/4140
_______________________________________________
Assp-test mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-test
