Authenticated Received Chain (ARC) is an E-mail authentication system that allows an intermediate mail server such as a forwarding service to sign the original authentication results of an E-mail. This way, ARC allows the receiving server to validate E-mails even if SPF and DKIM have been invalidated by an intermediate server.
For SEPPmail Secure E-Mail Gateway, it is mostly relevant in context with MS365.
For the ARC configuration at Microsoft, see https://learn.microsoft.com/de-de/microsoft-365/security/office-365-security/email-authentication-arc-configure?view=o365-worldwide.
Possible scenarios
Scenario |
In SEPPmail Secure E-Mail Gateway for Managed domain ARC Key |
In Exchange Online |
|---|---|---|
Parallel - with MSP
|
Use the master ARC key of SEPPmail Secure E-Mail Gateway.
See |
Enter the domain of the master ARC key.
See |
Inline(for example for non-ExchangeOnline customers or inline connection) |
Use the DKIM key.
See |
n/a |
Parallel - Simple |
Set to "a separate key" per domain.
See |
Enter managed domain, e.g. "contoso.eu".
See |
The master ARC key of SEPPmail Secure E-Mail Gateway has a domain for the DNS entry, and can use a selector for different keys (the default is "default"). Only the parallel scenario with MSP uses the master ARC key in connection with MS365.
