Re: [dmarc-ietf] ARC questions

"Douglas E. Foster" <> Sun, 22 November 2020 19:18 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 94E153A0AF1 for <>; Sun, 22 Nov 2020 11:18:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.098
X-Spam-Status: No, score=-0.098 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTML_TAG_BALANCE_BODY=0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id QnCNVdRT--99 for <>; Sun, 22 Nov 2020 11:18:57 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id E25883A0AEE for <>; Sun, 22 Nov 2020 11:18:56 -0800 (PST)
X-ASG-Debug-ID: 1606072735-11fa313c012bc50001-K2EkT1
Received: from ( []) by with ESMTP id 9kU9jH1BTTT4juXN (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NO) for <>; Sun, 22 Nov 2020 14:18:55 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=s1025; h=from:message-id:subject:to; bh=oKgKSkeexsc7nLyELU4UgFDJNEZbUyNDbCtIq8oIcfM=; b=kdAlurxUiN3IIC+CcRZqxE72wsGoYrazjzc0/O9GLl6ud+OARUSDqKOi9e5hDH7oo QQ9/kcr/0l4QpGtio+GXqpC7uFkOoJmJXvHM/a1AlUIPgCpFZOAOcfU+93w47g/xQ 7EOK92ktgSowwvxwFyfy5YozRKYqcHf+zsh1MJPKY=
Received: by via HTTP; Sun, 22 Nov 2020 14:18:46 -0500
Date: Sun, 22 Nov 2020 14:18:44 -0500
X-ASG-Orig-Subj: RE: [dmarc-ietf] ARC questions
Message-ID: <2d4e1d382d8c4f669a15267d8877d65d@com>
MIME-Version: 1.0
Content-Type: multipart/multipart; boundary=2b35cce13c3b428aa89c01182bf4714c
Importance: normal
From: "Douglas E. Foster" <>
X-Exim-Id: 2d4e1d382d8c4f669a15267d8877d65d
X-Barracuda-Start-Time: 1606072735
X-Barracuda-Encrypted: ECDHE-RSA-AES256-SHA384
X-Virus-Scanned: by bsmtpd at
X-Barracuda-Scan-Msg-Size: 3378
X-Barracuda-BRTS-Status: 1
X-Barracuda-Spam-Score: 0.81
X-Barracuda-Spam-Status: No, SCORE=0.81 using global scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=9.0 tests=HTML_MESSAGE, HTML_TAG_BALANCE_BODY
X-Barracuda-Spam-Report: Code version 3.2, rules version Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.81 HTML_TAG_BALANCE_BODY BODY: HTML has unbalanced "body" tags 0.00 HTML_MESSAGE BODY: HTML included in message
Archived-At: <>
Subject: Re: [dmarc-ietf] ARC questions
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 22 Nov 2020 19:18:59 -0000

ARC has a very limited set of items included in the signature.   Body hash is purposefully excluded.  So it is the same signature algorithm but with different parameters and a different purpose.  Therefore it has a different header label .Sent from my Verizon, Samsung Galaxy smartphone<div>
</div><!-- originalMessage --><div>-------- Original message --------</div><div>From: John R Levine <> </div><div>Date: 11/22/20  2:14 PM  (GMT-05:00) </div><div>To: Michael Thomas <>om>, "Kurt Andersen (b)" <> </div><div>Cc: </div><div>Subject: Re: [dmarc-ietf] ARC questions </div><div>
</div>> Is there a reason that there is a separate ARC-signature rather than just 
> using the DKIM signature that is normally created for the new message? Since 
> ARC is new, you'd not want the intermediary to stop DKIM signing the message 
> so you end up with essentially two signatures doing essentially the same 
> thing?

The ARC signature has a sequence number so you can track the chain of 
custody.  You are right that it is similar to the DKIM signature but the 
extra ovehead doesn't seem excessive.

John Levine,, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.

dmarc mailing list