On Mon, 6 Nov 2023, Sebastian Nielsen via Exim-users wrote:
Yes you can do this: In acl_rcpt: warn domains = <YOURDOMAIN> remove_header = dkim-signature remove_header = arc-seal remove_header = arc-authentication-results remove_header = arc-message-signature
It will also dump any DKIM or ARC signatures from original sender, instead you sign mail yourself.
Why do you remove ARC signatures ? I thought the aim of ARC was to preserve and authenticate some of the header info when messages are forwarded, perhaps more than once ?
A forwarded email as this, with forwarded_user having a forward to "[email protected]" will become: MAIL FROM: [email protected] RCPT TO: [email protected] From: [email protected] To: [email protected] Will become: MAIL FROM: [email protected] RCPT TO: [email protected] From: [email protected] To: [email protected] Reply-To: [email protected] (If Reply-To on sending mail is already set, it will not be replaced).
That might help the message reach the mailbox, but the recipiient will have to look harder to see who the message claims to have been originally sent by. Note. This example is confusing; was the original sender (assuming all is trustworthy) [email protected] ? A clearer example would have had MAIL FROM: [email protected] RCPT TO: [email protected] -- Andrew C. Aitchison Kendal, UK [email protected] -- ## subscription configuration (requires account): ## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/ ## unsubscribe (doesn't require an account): ## [email protected] ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
