On Tue, Aug 13, 2019 at 5:54 PM Stephen J. Turnbull <turnbull.stephen.fw@u.tsukuba.ac.jp> wrote:
You need to enable ARC by adding the ARC section to mailman.cfg and setting "enabled = yes" in it.
Aha! That was the missing config. Thank you!
What do you mean by "effect"? Is the "effect" that you're not seeing the presence of ARC header fields in outgoing mail? If so, you probably haven't set the enabled flag.
No, I hadn't as it was not present in the documentation. Tested that and received a stacktrace where authres (of which I know nothing) throws an exception complaining on a syntax error when parsing the AuthenticationResultsHeader. It seems as if it requires an authserv-id field but the few examples of the AuthenticationResultsHeader I've looked at just starts with the server name followed by a semicolon, with no preceeding tag for that server name value.
Aug 14 13:43:25 2019 (28958) ACCEPT: <msgid_removed> Aug 14 13:43:26 2019 (28962) Uncaught runner exception: Syntax error: Expected authserv-id at: ; dkim=pass header.d=domain.tld; arc=none... Aug 14 13:43:26 2019 (28962) Traceback (most recent call last): File "...VENV/lib/python3.7/site-packages/mailman-3.2.3-py3.7.egg/mailman/core/runner.py", line 173, in _one_iteration self._process_one_file(msg, msgdata) File "...VENV/lib/python3.7/site-packages/mailman-3.2.3-py3.7.egg/mailman/core/runner.py", line 266, in _process_one_file keepqueued = self._dispose(mlist, msg, msgdata) File "...VENV/lib/python3.7/site-packages/mailman-3.2.3-py3.7.egg/mailman/runners/pipeline.py", line 37, in _dispose process(mlist, msg, msgdata, pipeline) File "...VENV/lib/python3.7/site-packages/mailman-3.2.3-py3.7.egg/mailman/core/pipelines.py", line 50, in process handler.process(mlist, msg, msgdata) File "...VENV/lib/python3.7/site-packages/mailman-3.2.3-py3.7.egg/mailman/handlers/arc_sign.py", line 71, in process sign(msg, msgdata) File "...VENV/lib/python3.7/site-packages/mailman-3.2.3-py3.7.egg/mailman/handlers/arc_sign.py", line 50, in sign standardize=('ARC-Standardize' in msgdata)) File "...VENV/lib/python3.7/site-packages/authheaders-0.11.0-py3.7.egg/authheaders/__init__.py", line 256, in sign_message return ARC(msg, logger=logger).sign(selector, domain, privkey, srv_id, include_headers=sig_headers, timestamp=timestamp, standardize=standardize) File "...VENV/lib/python3.7/site-packages/dkimpy-0.9.3-py3.7.egg/dkim/__init__.py", line 953, in sign for res in ar_headers] File "...VENV/lib/python3.7/site-packages/dkimpy-0.9.3-py3.7.egg/dkim/__init__.py", line 953, in <listcomp> for res in ar_headers] File "...VENV/lib/python3.7/site-packages/authres-1.2.0-py3.7.egg/authres/__init__.py", line 206, in parse return authres.core.AuthenticationResultsHeader.parse(core_features(), string) File "...VENV/lib/python3.7/site-packages/authres-1.2.0-py3.7.egg/authres/core.py", line 442, in parse return self.parse_value(feature_context, string) File "...VENV/lib/python3.7/site-packages/authres-1.2.0-py3.7.egg/authres/core.py", line 454, in parse_value header._parse() File "...VENV/lib/python3.7/site-packages/authres-1.2.0-py3.7.egg/authres/core.py", line 504, in _parse raise SyntaxError('Expected authserv-id', self._parse_text) authres.core.SyntaxError: Syntax error: Expected authserv-id at: ; dkim=pass header.d=domain.tld; arc=none... Aug 14 13:43:26 2019 (28962) SHUNTING: 1565790206.708188+e4196a80c2afc177ddc001ce8bbd8789f8d08912
Of what kind? It's a simple protocol: if there is authentication information (DKIM or ARC) in the incoming message, validate it. Then package up the validation in the ARC-AR, ARC-Signature, and ARC-Seal fields. Those are the operations the module performs.
Limitations in Mailman3. I really should have written "other requirements or known incompatibilities".
Thanks // David