On 2024-02-09 at 09:38:27 UTC-0500 (Fri, 9 Feb 2024 14:38:27 +0000)
Jeremy Harris via Exim-users <j...@wizmail.org>
is rumored to have said:
On 2/9/24 14:09, Bill Cole via Exim-users wrote:
Should I add an Authentication-Results header for mail coming in via
587?
NO.
Or am I misusing/abusing ARC?
That.
ARC is for forwarding systems.
Probably per the real intent of ARC, yes.
But it's technically possible to regard what an MSA does
as "forwarding", and you could reasonably add an AR on
reception on 587 to label whatever exim did to authenticate
the client (eg. an SMTP AUTH method such as PLAIN) -
and initiate an ARC chain using that.
Ewww. :)
There's already a widespread mechanism in broad use for tagging a
message as having used SMTP AUTH at a particular MTA: 'ESMTP[S]A' in the
relevant Received header. Some systems even put the authentication
identity there. I expect that any automated system looking for
indicators of authentication at a SMTP/Submission "hop" will already be
relying on that rather than looking for an AR header. BICBW
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscr...@lists.exim.org
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
