Understanding SPF, DKIM, and DMARC: A Simple Guide

When I first implemented the above the next step was going to be ARC.

Does anyone have thoughts on ARC?

https://www.validity.com/blog/how-to-explain-authenticated-r...

It's only really needed if you need to robo-forward stuff between domains. For example if you set up a domain but want to receive emails to your usual gmail.

I noticed that cloudflare's email forwarder uses an ARC record and it works a treat.

I recently noticed this when debugging email delivery issues for a family member who have their own TLD, but forward everything to Gmail.

Unfortunately, the mail server of the forwarding domain doesn't seem to support ARC, so Gmail frequently throws away everything that doesn't have a DMARC header, since without DMARC the only other option is SPF, which doesn't work for forwarding.

A lot of small businesses in my area have been bit by that this year. I have to give hostgator/bluehost/godaddy etc kudos for having an email forwarder work reliably for so long but I wish they were more proactive about getting their customers compliant with this.

Also it's kinda messed up how much of the small business sector is relying on AOL webmail to operate.

I'm thinking I will add it as part of next upgrade. My domain has so few users and we are chill enough to work through email delivery issues. My understanding at the time was that the receiver verifies that the sender sent it.

My current delivery settings are strict so that only my server can delivery our email. I would think I could implement ARC in less strict manner and tighten it up as it becomes more common.

Does that seem reasonable? Any better ideas.