ARC (Authenticated Received Chain) on Exchange 2013?

Question

After a successfully implementation of OpenARC on a Linux enviroment I have now started to look at the possibility to implement it on a Exchange environment.

I am fully aware that the draft is subject to change, but providers like Google has already implemented it. Therefore, I would like to deploy it on a Exchange 2013 server.

So my question is, what is the best approach to deploy ARC (Authenticated Received Chain) on a Exchange 2013 environment? Is it even possible yet? Or should I relay the mails throu another server which signs the messages with the ARC header and DKIM?

score 2 · Answer 1 · answered Jan 22 '18 at 05:51

2

In On-premise Exchange, we can use SPF, DKIM and DMARC to prevent spoofing message. No official document about ARC with On-premise Exchange for now.

ARC can be used in Office 365. Refer to: How antispoofing protection works in Office 365

answered Jan 22 '18 at 05:51

Jianfei Wang

387
1
4

Alright, so do you recommend that I do the signing on a separate server then? If so, provide that in the answer so I can mark your question as an asnwer – Orphans Jan 22 '18 at 06:18

score 1 · Accepted Answer · answered Jan 23 '18 at 21:32

I did "solve" it by route emails via a Linux server instead, configured with postfix, amavisd-new (for DKIM signing) and openARC.

The emails is signed correctly and valid. I consider this the "solution" for now until Microsoft has implemented it in Exchange Server.

ARC (Authenticated Received Chain) on Exchange 2013?

2 Answers2