>ARCsigningHost set to the primary domain we use
There is a big difference between an domain name and a hostname (full
qualified host name)!
The parameter is ARCsigningHost NOT ARCsigningDomain
...
The signing domain is parsed from the senders address (header From: or
Sender:) in outgoing mails - and this value (or myName) in incoming mails.
>I'm not sure why the "the signing domain is parsed from the sender's
address...." part is here.
ASSP may be used for more than one local domain.
>This configuration is just for incoming mail,
...
If selected, ASSP will add Authenticated Received Chain (ARC) signatures
to all messages,
Thomas
Von: "K Post" <nntp.p...@gmail.com>
An: "ASSP development mailing list" <assp-test@lists.sourceforge.net>
Datum: 17.04.2018 23:45
Betreff: [Assp-test] genArc testing
Absolutely not not critical, but my tests for genARC in 18107 doesn't seem
to do anything.
genARC checked
ARCsigningHost set to the primary domain we use
No changes to DKIMgenConfig made since DKIM signing for our outgoing
messages from our main domain works fine.
I'd expect to see ARC signatures on all of the incoming mail, but I see
nothing in the headers. Any debugging flags I can set to see why not?
Is genARC only active when mail is actually "relayed" as the GUI suggests,
as in only mail that comes through the relay port? if that's the case,
the rest of this email is moot. If not, maybe change the language to say
"incoming mail' vs relayed?
The tests I did is from external hosts which dkim sign their mail, but if
I understand correctly ARC should be added by ASSP even if there's no
incoming DKIM sig. All perl modules show up to date (except
for Archive::Libarchive::XS(libarchive-version) which you said was okay).
ARC is essentially just saying what our DKIM/SPF results were. If the
mail is ultimately forwarded elsewhere, it's up to the other server to
decide if it wants to honor what we're saying. (right?)
Also, a suggestion, the description of genARC is currently:
If selected, ASSP will add Authenticated Received Chain (ARC) signatures
to all messages, if it finds a valid DKIM configuration in DKIMgenConfig
for the sending domain. This will also be done for noprocessing mails. If
available, the check results for SPF, DKIM and DMARC will be provided in
the generated ARC-signature. This requires an installed Mail::DKIM module
in PERL.
I think this should be
If selected, ASSP will add Authenticated Received Chain (ARC) signatures
to all messages provided it finds a valid DKIM configuration in
DKIMgenConfig for ARCSigningHost (or myName if ARCsSigningHost is blank).
This will also be done for noprocessing mails. If available, the check
results for SPF, DKIM and DMARC will be provided in the generated
ARC-signature. This requires an installed Mail::DKIM module in PERL.
ARCSigningHost is described as:
The full qualified host name to be used for Authenticated Received Chain
(ARC) signing. If not defined, myName is used. The signing domain is
parsed from the senders address (header From: or Sender:) in outgoing
mails - and this value (or myName) in incoming mails.
I'm not sure why the "the signing domain is parsed from the sender's
address...." part is here. This configuration is just for incoming mail,
I'd leave out stuff about outgoing mail signing (sounds like DKIM to me
not ARC)
It'll be interesting to see how quickly ARC is implemented elsewhere.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
DISCLAIMER:
*******************************************************
This email and any files transmitted with it may be confidential, legally
privileged and protected in law and are intended solely for the use of the
individual to whom it is addressed.
This email was multiple times scanned for viruses. There should be no
known virus in this email!
*******************************************************
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
