Wouldn’t it be far easier to add the trusted 3rd party domains in some DNS table or lookup, ala an ATPS-like protocol? The RFC5322 ARC overhead is horrendous. Never mind the complexity evolved to implement.
> On Mar 24, 2023, at 7:17 PM, Seth Blank <s...@sethblank.com> wrote: > > Microsoft is using ARC quite heavily, and has reported on this list and at > M3AAWG of the impact it makes > > Microsoft even has on their public roadmap that tools are being built for > their customers to enable per-customer sealers that they choose to trust: > https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=dmarc > > On Fri, Mar 24, 2023 at 5:06 AM Steven M Jones <s...@crash.com > <mailto:s...@crash.com>> wrote: >> On 3/24/23 3:48 AM, Douglas Foster wrote: >> > >> > Do we know if any entity other than Google is successfully using ARC >> > as an evaluation tool? >> >> >> FWIW: In late 2021 a "German company" reported that it was able to >> "recover" about 10% of messages that had failed other authentication >> checks by validating ARC. >>
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc