On Mon, 6 Nov 2023, Sebastian Nielsen via Exim-users wrote:
Yes you can do this:
In acl_rcpt:
warn
domains = <YOURDOMAIN>
remove_header = dkim-signature
remove_header = arc-seal
remove_header = arc-authentication-results
remove_header = arc-message-signature
It will also dump any DKIM or ARC signatures from original sender,
instead you sign mail yourself.
Why do you remove ARC signatures ?
I thought the aim of ARC was to preserve and authenticate
some of the header info when messages are forwarded, perhaps more than once ?
A forwarded email as this, with forwarded_user having a forward to
"somewh...@gmail.com" will become:
MAIL FROM: youru...@server.com
RCPT TO: forwarded_u...@example.org
From: youru...@server.com
To: forwarded_u...@example.org
Will become:
MAIL FROM: forwarded_u...@example.org
RCPT TO: somewh...@gmail.com
From: forwarded_u...@example.org
To: somewh...@gmail.com
Reply-To: youru...@server.com
(If Reply-To on sending mail is already set, it will not be replaced).
That might help the message reach the mailbox, but the recipiient will
have to look harder to see who the message claims to have been
originally sent by.
Note. This example is confusing; was the original sender (assuming all
is trustworthy) youru...@server.com ? A clearer example would have had
MAIL FROM: random.per...@their.server.com
RCPT TO: my.u...@my.server.com
--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk
--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscr...@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
