In article <[email protected]>, Jeremy Harris <[email protected]> wrote: >> New version: https://tools.ietf.org/html/draft-ietf-dmarc-arc-usage-06 > >How about another subsection 5.x saying when Originating ADMDs should >take any ARC action? For starting a new ARC chain I assume the answer >is normally "don't" - but perhaps there is an exception when a message >is already DKIM-signed, or when SPF for it would be invalidated by >forwarding (despite it being in-theory a local ADMD source)?
Seems to me that's pretty simple: you should add an ARC seal when you do something that might break DMARC validation, which means modifying the contents of the message (breaks DKIM) or remailing a message (breaks SPF.) It is my impression that if your message already has a local A-R header, it's a good candidate for adding an ARC seal. If not, it probably isn't even though you could in principle add your own A-R which only has arc=none. R's, John -- Regards, John Levine, [email protected], Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
