←back to thread

Understanding SPF, DKIM, and DMARC: A Simple Guide

(github.com)
443 points miles | 1 comments | 17 Jun 24 17:35 UTC | HN request time: 0.202s | source
Show context
detourdog ◴[17 Jun 24 21:20 UTC] No.40711202[source]
When I first implemented the above the next step was going to be ARC.

Does anyone have thoughts on ARC?

https://www.validity.com/blog/how-to-explain-authenticated-r...

replies(1): >>40711295 #
jabroni_salad ◴[17 Jun 24 21:30 UTC] No.40711295[source]
It's only really needed if you need to robo-forward stuff between domains. For example if you set up a domain but want to receive emails to your usual gmail.

I noticed that cloudflare's email forwarder uses an ARC record and it works a treat.

replies(2): >>40711377 #>>40716866 #
1. detourdog ◴[18 Jun 24 12:12 UTC] No.40716866[source]
I'm thinking I will add it as part of next upgrade. My domain has so few users and we are chill enough to work through email delivery issues. My understanding at the time was that the receiver verifies that the sender sent it.

My current delivery settings are strict so that only my server can delivery our email. I would think I could implement ARC in less strict manner and tighten it up as it becomes more common.

Does that seem reasonable? Any better ideas.