[dmarc-discuss] A bit quiet?

Scott Kitterman sklist at kitterman.com
Mon Oct 26 16:57:22 PDT 2015



On October 26, 2015 9:12:17 AM EDT, Roland Turner via dmarc-discuss <dmarc-discuss at dmarc.org> wrote:
>Scott Kitterman wrote:
...
snipped down to one bit as we seem to mostly be going around in circles
...
>> As a domain owner, I can control what sources of mail are able to
>> generate mail that passes SPF or has a valid DKIM signature with d=
>my
>> domain.  Anyone, anywhere can generate an ARC stamp with my domain in
>it,
>> so it's completely different.
>
>No, they can't.
>
>(More accurately, like a DKIM signature, anyone can create one, but it
>won't validate unless they've also gotten their hands on one of your
>private keys.)

Who adds the ARC stamp? Perhaps I read it wrong, but I read it as being added by the intermediary and not the originator (previous hop).

If I read it right, anyone can create an ARC stamp claiming to have received authenticate (e.g. DKIM signed) mail from my domain.  Am I reading it wrong?

Scott K


More information about the dmarc-discuss mailing list