Google is using Authenticated Received Chain (ARC) for their Google Apps to support (internal) forwarding of mails without loosing DMARC authentification results. Since it will use a new MAIL FROM and creates a new DKIM Signature for forwarded mails the DMARC alignment will fail and the corresponding records will appear as Untrusted sources / Threats.
An excerpt of a report may look like this, where example.net is the domain that is receiving this DMARC report:
As defined in https://datatracker.ietf.org/doc/html/rfc8617#section-7.2.1 the reason type along with the reason comment arc=pass indicate, that the mails actually did pass the DMARC alignment in a previous part of the ARC.
The reports that I have seen so far to not contain any additional informations besides the arc=pass, although the (currently experimental) RFC suggests to do so.
This ARC information allows us to filter those records and list them as a separate category when viewing a DMARC report in modoboa.
I'm going to put up a PR to provide an enhancement supporting the ARC results.
Google is using Authenticated Received Chain (ARC) for their Google Apps to support (internal) forwarding of mails without loosing DMARC authentification results. Since it will use a new MAIL FROM and creates a new DKIM Signature for forwarded mails the DMARC alignment will fail and the corresponding records will appear as
Untrusted sources / Threats
.An excerpt of a report may look like this, where
example.net
is the domain that is receiving this DMARC report:As defined in https://datatracker.ietf.org/doc/html/rfc8617#section-7.2.1 the reason type along with the reason comment
arc=pass
indicate, that the mails actually did pass the DMARC alignment in a previous part of the ARC. The reports that I have seen so far to not contain any additional informations besides thearc=pass
, although the (currently experimental) RFC suggests to do so.This ARC information allows us to filter those records and list them as a separate category when viewing a DMARC report in modoboa.
I'm going to put up a PR to provide an enhancement supporting the ARC results.