The ARC protocol uses three headers that are inserted in the order described below:

  1. ARC-Authentication-Results (AAR) header: records the contents of the Authentication-Results header from DMARC. The purpose of this header is to record whether any previous authentication passed or failed. 
  2. ARC-Message-Signature (AMS) header: includes a cryptographic signature of the message itself up to this point. 
  3. ARC-Seal (AS) header: includes a cryptographic signature of the message headers. It does not sign the body contents of the message. This header contains a tag called chain validation “cv=”, which contains the outcome of evaluating the existing ARC chain. The “cv=” tag can be one of three values: none, fail or pass. The values are explained by the table below.

All of the above explained headers together are called an ARC set. Multiple ARC sets - if present - represent an ARC chain. Each of the headers within an ARC set contains a tag “i=” which represents the sequence number starting from 1 and it is the same for each ARC header within a set. 

Did this answer your question?