>I haven't studied it in any detail yet, and don't know when I will find >the time, but I thought it existence might be of interest to some on the >list, and wondered if dist(1) and others would be users of this new >technique.
My brief reading of ARC is that it is intended for mailing list software to create a signature chain (so not only can you verify that it came from the mailing list domain, but the original message TO the mailing list can be validated). This matters because mailing lists like to do things like change the Subject: header and that would break a DKIM signature. I don't think this is relevant to dist(1); dist(1) would have to know things like the ARC key, which normally it wouldn't. And thinking about it ... I don't think the normal usage of dist(1) SHOULD cause any problems. With regards to SPF, since it uses the MAIL FROM header that should be fine, since your MAIL FROM should be set properly to the identity of the dist(1)er. Since you aren't modifying any headers when using dist(1), the DKIM signature should still be valid. But I could be wrong about all this. --Ken -- nmh-workers https://lists.nongnu.org/mailman/listinfo/nmh-workers
