Okay. Well the current plan/goal is to have a production setup/rollout in a few months time (i.e., 12/31/2020), so a knowledgeable[1] patch I could apply while still testing would be fantastic. We currently host ~4000 lists on MM2 (although that number will be closer to ~2500 migrating to our in the works MM3 deployment after we audit MM2 in a month or so). Thanks for devoting any time you can find to this! [1] I currently applied this hack to get around the syntax error... $ diff -u venv/lib/python3.6/site-packages/mailman/handlers/validate_authenticity.py.ORIG venv/lib/python3.6/site-packages/mailman/handlers/validate_authenticity.py --- venv/lib/python3.6/site-packages/mailman/handlers/validate_authenticity.py.ORIG 2020-09-16 14:23:03.565482574 -0400 +++ venv/lib/python3.6/site-packages/mailman/handlers/validate_authenticity.py 2020-09-17 13:17:09.296409626 -0400 @@ -70,10 +70,12 @@ if config.arc.trusted_authserv_ids and (AUTH_RESULT_HEADER in msg): header = '{}: {}'.format(AUTH_RESULT_HEADER, msg[AUTH_RESULT_HEADER]) - authserv_id = AuthenticationResultsHeader.parse(header).authserv_id - if authserv_id in config.arc.trusted_authserv_ids: - return header - + try: + authserv_id = AuthenticationResultsHeader.parse(header).authserv_id + if authserv_id in config.arc.trusted_authserv_ids: + return header + except: + log.exception('AR header failed to parse for message: %s', msg['Message-ID']) @retry(Timeout, NUM_TIMEOUT_RETRIES) def authenticate(msg, msgdata):