[
https://issues.apache.org/jira/browse/JAMES-3985?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18015873#comment-18015873
]
Benoit Tellier edited comment on JAMES-3985 at 8/25/25 3:16 AM:
----------------------------------------------------------------
Hello [~eltlwjs3]
Thanks for the update on the topic.
Indeed ARC would be a must for complex relay chain and automatic forwards
accross providers. Current solutions in James may impact DMARC alignement
(rewrite the envelop so that the sender matches the local user - but the header
from thus mismatches it's alignmenet). The only downside for ARC is that all
link in the relay chain needs to implement it for it to have value - not just
james, so in itself alone it is not a silver bullet.
Contribution is definitly welcome on the topic and I could provide mentoring
for it.
Best regards,
Benoit
was (Author: btellier):
Hello [~eltlwjs3]
Thanks for the update on the topic.
Indeed ARC would be a must for complex relay chain and automatic forwards
accross providers. Current solutions in James may impact DMARC alignement
(rewrite the envelop so that the sender matches the local user - but the header
from thus mismatches it's alignmenet).
Contribution is definitly welcome on the topic and I could provide mentoring
for it.
Best regards,
Benoit
> Implement RFC-8617 The Authenticated Received Chain (ARC) Protocol
> ------------------------------------------------------------------
>
> Key: JAMES-3985
> URL: https://issues.apache.org/jira/browse/JAMES-3985
> Project: James Server
> Issue Type: Improvement
> Components: Mailet Contributions
> Reporter: Benoit Tellier
> Priority: Major
> Labels: gsoc, gsoc2024
>
> h3. What
> https://datatracker.ietf.org/doc/html/rfc8617
> https://arc-spec.org/
> The Authenticated Received Chain (ARC) protocol provides an
> authenticated "chain of custody" for a message, allowing each entity
> that handles the message to see what entities handled it before and
> what the message's authentication assessment was at each step in the
> handling.
> IE secured and standard Received headers.
> Example:
> {code:java}
> ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
>
> b=S4DQRVgRLMeqank+UkagI9DIPrecaQa+tD+qrvD1XyuYolqGtWYole5yzajb6B71t9ceuFfCWYBmbze89vRt9bCc4KpcjEjzEzuf0xTo4HevTzZ62DEqXKzuXn+nWSGEAdrAcXS3w4RaoyeFC3ypKalcHJggiMStBBKuMG2k1jTk5vxirVqtxLr526AQ3XNGDEewIRMyhbjKDHKinjknJGLucWWli5YOheM4CDVwZXsbNbfhp8TPQitFd411+SDWRduqN2uKE/IqHn1FgqacCKkQaew5MS+GywnbCiNp2BHRgHMJbOt2gIHhFFLiPAow/98PyAdCPAqRmHqvUqSyRQ==
> ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
> s=arcselector9901;
>
> h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
> bh=FrVWL4P2FSzOMb/KTATCDQLYPJHy7pwVkwAdt3ueFh8=;
>
> b=E+f/prHAHynoo8GBK4s4Dxsdch6uPcErYd9R9h24Lb9sHlBVycnXby5PjcwqGtnvqEo14+8MEdxv41PYzIGHldjWh8CPgK6YHeWu+Zk8zwy05atOXXRgGkiRdge2bFSgtP4RLvoyV9kwngnR/vCIbSyTchnrZKyQ2IVCyZbEZtpDBgv4YtF9/972A+hZQLvymg4rZai74RDrVxVPJ2hmKOBSfaqTlUIm82HO5D2DMbbN50EmN9cicVOVkFo1d9m7sz7azq5VzybS/52B4nd7uby7ITkM/Enw/tihr9E6NHA31HgqEt8dx9pjTt4VJjVZbjSrv1AyKBl6VSxPerKzeA==
> ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
> smtp.mailfrom=docaposte.fr; dmarc=pass action=none header.from=docaposte.fr;
> dkim=pass header.d=docaposte.fr; arc=none
> {code}
> h3. How
> Implement a Mailet implementing ARC
> Implement a Matcher validating ARC
> Documentation (README)
> If applicable, parsing ARC records shall be done as a separate maven module.
> h3. Definition of done
> - Absence of ARC headers shall be nicely handled
> - Failed ARC shall be rejected
> - Able to send email to gmail (validates ARC)
> - Passes the ARC test suite https://github.com/ValiMail/arc_test_suite
> - Apache james registered on https://arc-spec.org/?page_id=79
> h3. GSOC notes
> Presenting a 1 week POC on the topic (as a separate mailet) would greatly
> improve the submission.
> How to write custom mailet / matcher:
> https://github.com/apache/james-project/tree/master/examples/custom-mailets
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
