ARC is a relatively new email authentication mechanism introduced in 2016. It was adopted by Microsoft in 2019 for Microsoft-sealed ARC signatures.
ARC-Authentication-Results is a header field that records the results of the email authentication mechanisms, such as SPF, DKIM, and DMARC, for a message that has been processed by the Authenticated Received Chain (ARC) protocol.
What is ARC and why you should care?
ARC stands for Authenticated Received Chain, and it is an email authentication standard that helps solve a common problem with indirect mail flow.
Indirect mail flow happens when emails are not delivered directly from the sender to the recipient, but go through one or more intermediaries, such as mailing lists or forwarding services. These intermediaries may modify the email headers or content, which can cause the email to fail SPF, DKIM, or DMARC checks. As a result, legitimate emails may be rejected or marked as spam by the recipient’s mail server.
To prevent this, ARC preserves the original email authentication results and the identity of the intermediaries in a series of headers added to the email. This way, the recipient’s mail server can verify the authenticity and integrity of the email, even if it has been altered in transit.
ARC is not a replacement for SPF, DKIM, or DMARC, but a complementary solution that works with them. ARC is already supported by major mailbox providers like Google, Verizon Media, and Microsoft, and it is expected to become more widely adopted in the future.
ARC can help improve your email deliverability and reputation, especially if you send emails to or through intermediaries. By using ARC, you can ensure that your emails are not falsely rejected or flagged as spoofed or phishing attempts.
The three key components of ARC are:
- ARC Authentication Results header: a header that contains the email authentication results of SPF, DKIM, and DMARC.
- ARC Message Signature header: a header that captures a snapshot of the message header information, such as the to, from, subject, and body fields.
- ARC Seal header: a header that seals the information in the ARC Signature and the ARC Authentication Results headers. This header also has a chain validation tag (“cv=”) that indicates the outcome of validating the existing ARC chain. The value can be “none”, “fail”, or “pass”.
Was this helpful?
0 / 0