Outgoing emails from mailflow marked with arc=fail

Hello.

Regarding to the following discussion community.sophos.com/.../outgoing-emails-from-mailflow-arrive-in-spam I have a question.

We have the same problem. Is there a solution to this now? We use Sophos Mailflow and the error "arc=fail" can be found in all mail headers of all outgoing mails.
If we deactivate the outbound MailFlow, the error disappears. SPF, DKIM and DMARC should be configured correctly.
So whats the problem with the ARC?

I would be grateful for a hint.
Best regards
Ronny

Here are the latest ARC results:

(The Mail was send from our Microsoft365 domain.de to an Google Mail Account)

Authentication-Results: mx.google.com;
       dkim=pass header.i=@domain.de header.s=selector1 header.b=yt2KMVaM;
       dkim=pass header.i=@mail-dkim-eu-central-1.prod.hydra.sophos.com header.s=v1 header.b=p2rjqMLN;
       arc=fail (signature failed);
       spf=pass (google.com: domain of test@domain.de designates xxxxx as permitted sender) smtp.mailfrom=test@domain.de;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=domain.de
ARC-Seal: i=2; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=fail;
ARC-Authentication-Results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 94.140.18.225) smtp.rcpttodomain=googlemail.com smtp.mailfrom=domain.de; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=domain.de; dkim=pass (signature was verified) header.d=mail-dkim-eu-central-1.prod.hydra.sophos.com; arc=fail (47)

ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=domain.de; dmarc=pass action=none header.from=domain.de; dkim=pass header.d=domain.de; arc=none



Added FR Tag
[edited by: Raphael Alganes at 3:06 AM (GMT -8) on 23 Feb 2024]
Parents Reply
  • Hi,

    correct me if Im wrong, but as far as I know the ARC-standard is currently in development and isnt widely supported.

    Do you have any ideas what would happen if more and more providers accept that standard and implement some kind of quarantaine for ARC-failueres? Should we just deactivate Sophos MFR till ARC is supported or is there any other way to eliminate this issue?

    Kind regards

Children
No Data