What is RFC 8617 (ARC)?

RFC 8617 defines ARC (Authenticated Received Chain), a mechanism for preserving authentication results when messages pass through intermediaries like mailing lists or forwarding services that legitimately modify messages.

ARC addresses a limitation of SPF and DKIM: legitimate forwarding often breaks authentication, causing DMARC failures for valid messages. ARC creates a chain of custody where each intermediary seals authentication results before modification.

Receivers evaluating ARC chains can see authentication status at each hop, distinguishing legitimate forwarding (which breaks authentication but has valid ARC chain) from spoofing (which lacks authenticated chain). Major providers increasingly support ARC evaluation.