This merge request includes both authentication(DKIM/DMARC) and ARC signing handlers added to the pipeline. The ARC signing functionality is done via an official release of dkimpy, which formally validates against the ARC test suite.
One thing which may need some discussion is the way in which DNS timeouts are handled. I created a bit of logic in the outgoing runner that aborts a message and re-queues it into the pipeline if necessary. However in order not to re-process the message, I had to keep around an unprocessed version of the message. I'm not sure if this is the best approach.