On 15.07.2017 10:33, Kurt Andersen wrote: > On Sat, Jul 15, 2017 at 10:27 AM, Juri Haberland <[email protected]> > wrote: > >> On 15.07.2017 09:20, Kurt Andersen wrote: >> >> > It seems like there is another problem here if OpenARC is trying to take >> a >> > "foreign" A-R header and suck it into being "your" AAR header. The only >> > auth results that should ever be trusted is the one you create (per >> > RFC7601). >> >> OpenARC parses all A-R headers and reads them into a structure - one by >> one. After an A-R header is parsed, the AuthServID is compared and if it >> matches, the parsed A-R header is further used - else it is ignored. >> >> So no problem here.
> But if the parsing fails, then it was hanging and causing message deferral, > even if the AuthServID would have disqualified that header from being used > further? It was not hanging, it returned a temp failure to the MTA on purpose (in all cases where OpenARC cannot parse an A-R header) - which is debatable... I have created a pull request to just skip such headers, see https://github.com/mskucherawy/OpenARC/pull/42 Juri _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
