Re: [mailop] Doesn't ARC substitute DKIM at Gmail inbound?
Dave Crocker via mailop skrev den 2024-05-05 19:21: But that certainly is a common misconception about DKIM. not even if users have there own dkim selector ? ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Doesn't ARC substitute DKIM at Gmail inbound?
On 5/5/2024 9:49 AM, Andrew C Aitchison via mailop wrote: DKIM proves that you did send it. No it doesn't. But that certainly is a common misconception about DKIM. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net mast:@dcrocker@mastodon.social ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Doesn't ARC substitute DKIM at Gmail inbound?
Andrew C Aitchison via mailop skrev den 2024-05-05 18:49: On Sat, 4 May 2024, Alessandro Vesely via mailop wrote: The last URL in the response says something about ARC: ARC checks the previous authentication status of forwarded messages. If a forwarded message passes SPF or DKIM authentication, but ARC shows it previously failed authentication, Gmail treats the message as unauthenticated. Isn't it overkill to put both DKIM /and/ ARC if you know the receiver implements both? I don't think so. DKIM proves that you did send it. ARC proves that you forwarded what you received ? without trustness ? ARC-signer/ARC-Sealers have to be trusted, to make any different is arc btw ensure tested in dmarc ?, trustness or ? In this case GMail can see that you forwarded the mail, but cannot prove that it really came from the original sender. I think that this way GMail can reject the email, or put it in the spam folder, but without blaming you. gmail users should stop using gmail, problem solved I am not sure that ARC is supposed to do what we think it is. if you run all without trustness nothing works ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
Re: [mailop] Doesn't ARC substitute DKIM at Gmail inbound?
On Sat, 4 May 2024, Alessandro Vesely via mailop wrote: The last URL in the response says something about ARC: ARC checks the previous authentication status of forwarded messages. If a forwarded message passes SPF or DKIM authentication, but ARC shows it previously failed authentication, Gmail treats the message as unauthenticated. Isn't it overkill to put both DKIM /and/ ARC if you know the receiver implements both? I don't think so. DKIM proves that you did send it. ARC proves that you forwarded what you received ? In this case GMail can see that you forwarded the mail, but cannot prove that it really came from the original sender. I think that this way GMail can reject the email, or put it in the spam folder, but without blaming you. I am not sure that ARC is supposed to do what we think it is. -- Andrew C. Aitchison Kendal, UK and...@aitchison.me.uk ___ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop