On Wed 12/Feb/2025 17:02:09 +0100 Louis wrote:
As far as I know, ARC only solves this issue if the recipient trusts your ARC
signature. So it really depends on the environment if it actually will be a
solution.
Correct, up to a workable definition of environment.
In most scenarios, the mailbox owner can't trust ARC signatures
themselves. I would prepare for disappointing results unless you're the one
managing both systems.
Yet, domains that publish strict DMARC policies should put DKIM signatures in
their messages. If you don't alter the message, the signature remain valid
(except for legacy sendmail changes which break them.) So adding ARC seals is
a good exercise, but doesn't actually increase deliverability. Maybe that's
why it's still experimental.
a) I use always SRS and ARC to sign/seal the message when I forward
b) I only use ARC and no SRS when the original senders domain has a
dmarc-policy
There will be recipients that check SPF before checking anything ARC/DMARC
related, or they may simply not support checking ARC or DMARC and just enforce
SPF, so I'd always keep using SRS. I see no reason not to at least, beyond
having to handle messages sent to the return-path.
Changing the return-path is always worth. It has nothing to do with DMARC. To
pass DMARC you have to change the From: header, or encapsulate the message in a
message/rfc822 so that the relevant From: header is yours anyway.
Best
Ale
--
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
