Hi,
The common-lisp.net domain is getting bounces from GMail that the reputation of our domain is too low to accept some messages.
Apparently, GMail wants mail forwarded by a host to be ARC-signed ( http://arc-spec.org/) in addition to having it DKIM signed by the original domain.
Since our setup has multiple functions, mail forwarding is handled by different parts of the mail system setup. In relation to ARC-signing, we:
* Forward mail for users with *@common-lisp.net mail addresses (directly by Exim4) * Handle mail for common-lisp.net mailing lists (using mailman)
Does anybody have experience setting up a system like this? Questions that need to be answered, I think:
* Can we set up ARC signing on the exim4 outbound level (so that we have ARC signing only once, both for the mailing lists and forwarded mail? * Does every step in the mail chain on the host need to implement ARC signing (i.e. Mailman level *and* the mail service responsible for managing the mail queue)? * How to implement ARC signing for forwarded mail on exim4 on Debian, since the exim4 instance (version 4.96) only supports DKIM signing, not ARC signing...
Any thoughts? Experiences to be shared?
Regards,
On 14 Jul 2024, at 13:26, Erik Huelsmann ehuels@gmail.com wrote:
[…]
Does anybody have experience setting up a system like this?
The only thing I can contribute is that I found https://aboutmy.email/ very helpful for diagnosing email settings.
Hi Rudi,
Thanks for the pointer! I've tried it and mail forwarding seems to work relatively reliably (we don't match all criteria on the "bulk senders" requirements list, but my mail was just forwarded, not a bulk mail)...
Also, while I sent my prior mail from my GMail account, GMail rejected my mail for a lot of recipients. Your mail was correctly delivered to all recipients, including those on GMail. So, I'm now using a different mail account to send this mail and see what happens.
I haven't found how to do ARC signing with exim4 other than recompiling the exim package with the experimental feature enabled... For our mailing lists (which is probably the biggest volume), we could probably set up Mailman for ARC signing. That would at least solve *some* of the pain.
Regards,
Erik.
On Sun, Jul 14, 2024 at 7:18 PM Rudi Schlatte rudi@constantly.at wrote:
On 14 Jul 2024, at 13:26, Erik Huelsmann ehuels@gmail.com wrote:
[…]
Does anybody have experience setting up a system like this?
The only thing I can contribute is that I found https://aboutmy.email/ very helpful for diagnosing email settings.
-
Erik Huelsmann -
Erik Huelsmann -
Rudi Schlatte