Hi,

The common-lisp.net domain is getting bounces from GMail that the reputation of our domain is too low to accept some messages.

Apparently, GMail wants mail forwarded by a host to be ARC-signed (http://arc-spec.org/) in addition to having it DKIM signed by the original domain.

Since our setup has multiple functions, mail forwarding is handled by different parts of the mail system setup. In relation to ARC-signing, we:

* Forward mail for users with *@common-lisp.net mail addresses (directly by Exim4)

* Handle mail for common-lisp.net mailing lists (using mailman)

Does anybody have experience setting up a system like this? Questions that need to be answered, I think:

* Can we set up ARC signing on the exim4 outbound level (so that we have ARC signing only once, both for the mailing lists and forwarded mail?

* Does every step in the mail chain on the host need to implement ARC signing (i.e. Mailman level *and* the mail service responsible for managing the mail queue)?

* How to implement ARC signing for forwarded mail on exim4 on Debian, since the exim4 instance (version 4.96) only supports DKIM signing, not ARC signing...

Any thoughts? Experiences to be shared?

Regards,