-1

I have a situation to accept or reject an email depending on DKIM. When DKIM check fails I shall reject the incoming mail.

We are working with a clients which forward us mails and some of them are not signed from the origin of the mail sender, so our client are forwarding us an unsigned mail.

mail@origin-sender.com (no DKIM) -> mail@our-client.com -> mail@me.com

I am not sure if ARC will do the job here or not. Is there a way to verify the mail forwarded by our clients to us when the original mail is not signed?

glts
  • 681
  • 4
  • 14
Diyan Bogdanov
  • 1
  • 1
  • Sounds like the sort of security topic where clearly defining your *threat model* is needed to determine what is an appropriate solution. What about the filtering happening at the forwarder is insufficient for you, what sort of mail do you wish to reject on your end? – anx Sep 05 '22 at 09:50

0 Answers0