Hi Sebastian, maybe I'm missing the point, because I didn't follow the gory details of the discussion.
Do you want safely forward messages that are "protected" by DMARC (as DKIM | SPF) originating outside of your server? If you replace the original From: by the forwarder's From:, then the final recipient can't verify the the authenticity of the message. (Broken DKIM, absent SPF). If you need to foward, then either at the MUA level, or if you do it on the MTA level, use SRS to rewrite the sender information (return path). Yes, this breaks the alignment betwenn From: and Sender:, but DKIM should be still intact and allow the recipient a successful verification. I may be completly wrong with my assumptions about your issue, though. Sebastian Nielsen via Exim-users <[email protected]> (Di 21 Apr 2020 22:05:10 CEST): > I really don't understand this hostility against modifying email. > Yes, I know that it isn't RFC compliant for an MTA to modify email. But its > surely possible, and in certain situations, good to do it. .. > Isn't a perfect situation, but totally fine for me. > And my mail gets deliivered with PASS/PASS/PASS on SPF/DKIM/DMARC even when > forwarding from accounts that have aligment set to strict. Because you changed the "origin" of the message, didn't you? Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE -
signature.asc
Description: PGP signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
