[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenARC header info

Subject: Re: OpenARC header info
From: "Rolf E. Sonneveld" <R.E.Sonneveld@xxxxxxxxxxxxx>
Date: Sat, 11 Aug 2018 00:42:38 +0200

All,

On 11-08-18 00:04, Rolf E. Sonneveld wrote:

Hi,

using the following configuration:

AuthservID        mx3.mailtransaction.com
Domain            mx3.mailtransaction.com
KeepTemporaryFiles    no
KeyFile            /etc/openarc/201808.private
MilterDebug        0
Mode            v
Selector        201808
SignatureAlgorithm    rsa-sha256
Socket            inet:3336@localhost
SoftwareHeader    yes
Syslog            Yes
SyslogFacility    mail
TemporaryDirectory    /tmp
UserID        openarc:openarc

For an incoming test message I see the following in the logfile:
Aug 10 23:49:52 lithium postfix-inet0/smtpd[7359]: connect frommail-yw1-f54.google.com[209.85.161.54]Aug 10 23:49:53 lithium postfix-inet0/smtpd[7359]: Anonymous TLSconnection established from mail-yw1-f54.google.com[209.85.161.54]:TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)Aug 10 23:49:53 lithium postfix-inet0/smtpd[7359]: 41nJgj7403z2nGHV:client=mail-yw1-f54.google.com[209.85.161.54]Aug 10 23:49:54 lithium postfix-inet0/cleanup[7362]: 41nJgj7403z2nGHV:message-id=<CAJV=Fezkvghnk3Q4hK_BfkEB9f_CG46=A4Ju5PzRtmg+1RxzmA@xxxxxxxxxxxxxx>Aug 10 23:49:54 lithium opendkim[1335]: 41nJgj7403z2nGHV:mail-yw1-f54.google.com [209.85.161.54] not internalAug 10 23:49:54 lithium opendkim[1335]: 41nJgj7403z2nGHV: notauthenticatedAug 10 23:49:54 lithium opendkim[1335]: 41nJgj7403z2nGHV: DKIMverification successfulAug 10 23:49:54 lithium opendkim[1335]: 41nJgj7403z2nGHV: s=20161025d=gmail.com SSLAug 10 23:49:54 lithium opendmarc[19642]: implicit authenticationservice: mx3.mailtransaction.comAug 10 23:49:54 lithium opendmarc[19642]: 41nJgj7403z2nGHV: gmail.compassAug 10 23:49:54 lithium postfix-inet0/qmgr[7215]: 41nJgj7403z2nGHV:from=<rolf.sonneveld@xxxxxxxxx>, size=2821, nrcpt=1 (queue active)Aug 10 23:49:54 lithium postfix-inet0/smtpd[7359]: disconnect frommail-yw1-f54.google.com[209.85.161.54] ehlo=2 starttls=1 mail=1 rcpt=1data=1 quit=1 commands=7Aug 10 23:49:54 lithium postfix-inet0/smtp[7363]: 41nJgj7403z2nGHV:to=<r.e.sonneveld@xxxxxxxxxxxxx>,relay=mx25.mailtransaction.com[78.46.16.213]:1025, delay=0.95,delays=0.76/0.01/0.09/0.09, dsn=2.0.0, status=sent (250 2.0.0 Ok:queued as 41nJgk3f5wz1tp58)Aug 10 23:49:54 lithium postfix-inet0/qmgr[7215]: 41nJgj7403z2nGHV:removed
In the header of the mail I see:
ARC-Filter: OpenARC Filter v0.1.0 mx3.mailtransaction.com41nJgj7403z2nGHVDMARC-Filter: OpenDMARC Filter v1.3.1 mx3.mailtransaction.com41nJgj7403z2nGHVAuthentication-Results: mx3.mailtransaction.com; dmarc=passheader.from=gmail.comAuthentication-Results: mx3.mailtransaction.com; spf=passsmtp.mailfrom=rolf.sonneveld@xxxxxxxxxDKIM-Filter: OpenDKIM Filter v2.10.3 mx3.mailtransaction.com41nJgj7403z2nGHV
Authentication-Results: mx3.mailtransaction.com;
dkim=pass (2048-bit key; unprotected) header.d=gmail.comheader.i=@gmail.com header.b=bYFxlJYd;
    dkim-atps=neutral
What is OpenArc supposed to write in the header? I would expect it totell me about ARC validation, but I only see that OpenARC seems tohave 'touched' the header, but no more information. Am I missingsomething?

It seems I do get an ARC-Authentication-Results header when I change'Mode v' to 'Mode sv':

However, as I have separate inbound and outbound MTA's I would expectthe 'ARC-Authentication-Results' header line for inbound traffic for the'Mode v' situation as well. Also, the ARC-Authentication-Results headeris writing 'i=1', which means any ARC-Seals from gmail.com are notdetected? Or does Gmail not yet ARC-sign outbound traffic?


Thanks,
/rolf

Follow-Ups:
Re: OpenARC header info	Seth Blank <seth@xxxxxxxxxxxx>

References:
OpenARC header info	"Rolf E. Sonneveld" <R.E.Sonneveld@xxxxxxxxxxxxx>