Blog article

  • 23 January 2025
  • 8 minutes read
Author Profile Picture
  • Kiara Saloojee
  • DMARC Enthusiast

Exploring the Authenticated Received Chain (ARC) protocol

Sometimes, emails land in recipients’ Spam folders or get outright rejected when forwarded. This not only impacts trust but also complicates how businesses communicate. That’s why the Authenticated Received Chain (ARC) protocol is important – it makes sure emails stay on track and communication flows smoothly.

The Arc Protocol Creates A Chain Of Trust To Verify Email Authenticity Between Servers.

Email communication is crucial, yet many legitimate business emails never reach their intended inboxes. Traditional authentication methods often fall short, especially with forwarded messages, causing genuine emails to be flagged as Spam. In fact, advertising emails accounted for 36% of Spam globally last year.

Authenticated Received Chain (ARC) steps in to fill the gaps left by Domain-based Message Authentication, Reporting, and Conformance (DMARC), Sender Policy Framework (SPF), and DomainKeys Identified Mail (DKIM). The protocol works to improve deliverability and credibility while enhancing organizations’ defenses against impersonation attacks like phishing emails, which saw daily volumes reach 3.4 billion in 2023.

ARC boosts both trust and deliverability. It’s essential for any organization that depends on email communication to get familiar with this protocol.

Overview of Authenticated Received Chain (ARC)

What is ARC?

Authenticated Received Chain (ARC) is an email authentication protocol that keeps authentication results intact even after emails are forwarded. It creates a chain of trust, enabling receiving servers to verify an email’s authenticity even after several handoffs.

How does ARC work?

ARC captures the original authentication results (from DMARC, SPF, and DKIM) when an email is forwarded and then adds ARC headers to preserve these results across different servers. This system allows ARC-validated emails to maintain their integrity even after multiple forwarding events.

Why is ARC important?

DMARC, SPF, and DKIM can fail when emails are forwarded because the original authentication headers might change or disappear. The ARC protocol maintains these results, solving the DMARC forwarding issue and helping receiving servers verify an email’s legitimacy. With the average worldwide email open rate reported at 36.11% in 2023, it’s key to ensure your company’s communications are delivered to as many customers as possible.

Why was ARC introduced?

Introduced in 2016 by the Internet Engineering Task Force (IETF) to address a gap in email authentication protocols, ARC has been supported by global email servers such as Google and Microsoft. The protocol’s popularity could be attributed to the fact that 45.6% of emails globally end up in Spam folders as of 2023, and its adoption is expected to keep growing as businesses focus more on email security.

How ARC supports DMARC, SPF, & DKIM

DMARC ensures the “From” address matches the sender’s domain, but this can break during forwarding when the “From” address is often changed to that forwarder’s domain. ARC preserves the original DMARC results, reducing the chance of legitimate emails being rejected.

DKIM ensures email integrity with cryptographic signatures, which can be altered during forwarding. ARC captures the original DKIM results, allowing the email to be validated based on its initial authentication.

SPF checks if an email comes from an authorized server but fails if the email is forwarded through an unauthorized server. ARC maintains the original SPF results, aiding in verifying the email’s legitimacy.

Arc Contains The Original Results Of Dmarc, Spf, And Dkim To Maintain Deliverability During Forwarding.

Advantages & limitations of ARC

Advantages of ARC

  • Boosts deliverability: Increases the likelihood that forwarded emails are delivered without being marked as Spam.
  • Maintains trust: Keeps authentication results, reinforcing sender credibility.
  • Complements existing protocols: Pairs with DMARC, SPF, and DKIM to fill authentication gaps.

Limitations of ARC

  • Dependent on solutions: Requires proper configuration of DMARC, SPF, and DKIM. This can be done using Sendmarc’s DMARC management platform.
  • Limited adoption: Adoption is growing but not widespread.
  • Complex for smaller businesses: Implementation may need technical expertise.

Implementing ARC

For organizations that rely heavily on email communication, especially those dealing with forwarded messages, Authenticated Received Chain (ARC) implementation is crucial. It’s invaluable for businesses looking to enhance their authentication setup, cybersecurity, and deliverability. Poor deliverability costs organizations in the U.S. around $59.5 billion annually.

Generically, the steps to implement ARC are as follows, but you might need to investigate how to implement these for your specific email infrastructure:

  1. Ensure DMARC, SPF, and DKIM are properly configured
  2. Choose an email server or provider that supports ARC
  3. Enable ARC in your email server software
  4. Set up ARC signing keys
  5. Test ARC functionality
  6. Monitor ARC results in reports
  7. Optimize and update as needed

Collaborating with a trusted email service provider can simplify the process, especially if internal resources are limited. And remember to regularly monitor DMARC aggregate reports to identify and address potential misconfigurations early.

Incorporating ARC into your organization

Authenticated Received Chain (ARC) is more than just an add-on – it’s an important part of a strong email authentication strategy. By maintaining trust and improving deliverability, ARC ensures your business’s communications are secure, even through complex email forwarding paths.

Interested in learning more about upgrading your organization’s email security? Discover how Sendmarc can boost your company’s cybersecurity with our advanced solutions.

Book a demo

Share

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest articles

All articles
Outlook logo, Microsoft Compliance, Microsoft requires DMARC, SPF, and DKIM
  • 11 minutes read

Microsoft DMARC requirements

Microsoft DMARC, SPF, & DKIM requirements have been announced. Learn what’s needed, what’s still unknown, who this affects, & what your organization should do.
Read more
  • 7 minutes read

Hiring top cybersecurity talent: strategies for success

Hire top cybersecurity talent in 2025. Learn strategies for impactful job descriptions, inclusive hiring, and talent retention.
Read more
Sendmarc and Obscure Technologies partnered to provide more organizations access to advanced email security solutions.
  • 9 minutes read

Sendmarc & Obscure Technologies partner to strengthen email security

Sendmarc and Obscure Technologies are proud to partner in a joint effort to strengthen email security and make the Internet a safer place for everyone.
Read more
Sendmarc logo
Sendmarc Soc2 Compliance badge
certification badge for ISO/IEC 27001:2022
G2 High Performer Badge - Winter 2025

How secure is your brand name from email scammers?

If you’re at risk of impersonation, one of our experts will be in touch to assist.

Linkedin-in Youtube X-twitter Facebook-f

Platform & Services

Company

Platform & Services

Resources