[JAMES-3985] Implement RFC-8617 The Authenticated Received Chain (ARC) Protocol - ASF JIRA

Attach files

Attach Screenshot

Add vote

Voters

Watch issue

Watchers

Create sub-task

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: Mailet Contributions
Labels:
- gsoc
- gsoc2024

Description

What

https://datatracker.ietf.org/doc/html/rfc8617

https://arc-spec.org/

The Authenticated Received Chain (ARC) protocol provides an
authenticated "chain of custody" for a message, allowing each entity
that handles the message to see what entities handled it before and
what the message's authentication assessment was at each step in the
handling.

IE secured and standard Received headers.

Example:

ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=S4DQRVgRLMeqank+UkagI9DIPrecaQa+tD+qrvD1XyuYolqGtWYole5yzajb6B71t9ceuFfCWYBmbze89vRt9bCc4KpcjEjzEzuf0xTo4HevTzZ62DEqXKzuXn+nWSGEAdrAcXS3w4RaoyeFC3ypKalcHJggiMStBBKuMG2k1jTk5vxirVqtxLr526AQ3XNGDEewIRMyhbjKDHKinjknJGLucWWli5YOheM4CDVwZXsbNbfhp8TPQitFd411+SDWRduqN2uKE/IqHn1FgqacCKkQaew5MS+GywnbCiNp2BHRgHMJbOt2gIHhFFLiPAow/98PyAdCPAqRmHqvUqSyRQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=FrVWL4P2FSzOMb/KTATCDQLYPJHy7pwVkwAdt3ueFh8=;
 b=E+f/prHAHynoo8GBK4s4Dxsdch6uPcErYd9R9h24Lb9sHlBVycnXby5PjcwqGtnvqEo14+8MEdxv41PYzIGHldjWh8CPgK6YHeWu+Zk8zwy05atOXXRgGkiRdge2bFSgtP4RLvoyV9kwngnR/vCIbSyTchnrZKyQ2IVCyZbEZtpDBgv4YtF9/972A+hZQLvymg4rZai74RDrVxVPJ2hmKOBSfaqTlUIm82HO5D2DMbbN50EmN9cicVOVkFo1d9m7sz7azq5VzybS/52B4nd7uby7ITkM/Enw/tihr9E6NHA31HgqEt8dx9pjTt4VJjVZbjSrv1AyKBl6VSxPerKzeA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=docaposte.fr; dmarc=pass action=none header.from=docaposte.fr;
 dkim=pass header.d=docaposte.fr; arc=none

How

Implement a Mailet implementing ARC

Implement a Matcher validating ARC

Documentation (README)

If applicable, parsing ARC records shall be done as a separate maven module.

Definition of done

Absence of ARC headers shall be nicely handled
Failed ARC shall be rejected
Able to send email to gmail (validates ARC)
Passes the ARC test suite https://github.com/ValiMail/arc_test_suite
Apache james registered on https://arc-spec.org/?page_id=79

GSOC notes

Presenting a 1 week POC on the topic (as a separate mailet) would greatly improve the submission.

How to write custom mailet / matcher: https://github.com/apache/james-project/tree/master/examples/custom-mailets

Attachments

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: Unassigned

Reporter:: Benoit Tellier

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 08/Feb/24 09:13

Updated:: 08/Feb/24 09:13

Agile

View on Board

Implement RFC-8617 The Authenticated Received Chain (ARC) Protocol

Details

Description

What

How

Definition of done

GSOC notes

Attachments

Attachments

Activity

People

Dates

Agile

Slack

Issue deployment