Please enable JavaScript to view this site.

MDaemon Email Server 24.5

Navigation: Security Menu > Security Manager > Sender Authentication

ARC Settings

Scroll Prev Top Next More

Authenticated Received Chain (ARC) is an email authentication protocol that lets intermediate mail servers digitally sign a message's authentication results. It provides an authenticated "chain of custody" for a message, allowing each server that handles the message to see what previous servers handled it and whether or not it was authenticated at each step. When a downstream mail server does DMARC verification and finds that SPF or DKIM have failed (due to forwarding or mailing list modifications, for example), it can look for ARC results from a trusted server and use them to decide whether to accept the message.

For more information on the ARC protocol, see: RFC 8617: The Authenticated Received Chain (ARC) Protocol.

ARC Verification

Enable ARC verification

Check this box to enabled ARC verification.

Trusted ARC Sealers

Trusted ARC Sealers are the domains whose ARC results you trust. ARC results from non-trusted domains are ignored when doing DMARC verification.

ARC Signing

Sign eligible outbound messages using ARC

Forwarded messages, mailing list messages, and gateway messages with authentication results are eligible for ARC signing. ARC signing needs a designated selector and signing domain below.

Default selector

Use this option to choose the default selector to use for ARC signing. You can use the same selector that you use for DKIM signing, or create a new one.

Default signing domain

Choose the default domain for ARC signing.

Advanced

If you host multiple domains and want to use a different selector or signing domain for any of them, click Advanced to configure that.