DKIM
stands for DomainKeys Identified Mail. It is an email authentication method used to verify the authenticity and integrity of emails. DKIM works by adding a digital signature to the email message header. The signature is generated using a private key associated with the sending domain. When the email is received, the receiving server can use the corresponding public key to verify the signature and ensure that the email was not modified during transit. This helps prevent email spoofing and ensures that the email actually came from the claimed domain.
ARC
stands for Authenticated Received Chain. It is an email authentication protocol that addresses issues related to forwarding and mailing list services. When an email is forwarded or passed through intermediate servers, the original DKIM signature may be invalidated or removed. ARC allows these intermediate servers to create and attach their own signatures to the email, forming a chain of trust. This allows the receiving server to verify the entire chain of signatures and determine the authenticity of the email, even if it has been forwarded multiple times.
DMARC
stands for Domain-based Message Authentication, Reporting, and Conformance. It is an email authentication policy framework. DMARC builds upon SPF (Sender Policy Framework) and DKIM to provide a more robust mechanism for email authentication. It allows domain owners to specify policies for how receiving servers should handle emails that fail SPF or DKIM checks. DMARC policies can instruct receiving servers to quarantine or reject emails that fail authentication, or to send reports to the domain owner about failed authentication attempts. DMARC helps protect against email spoofing and phishing attacks by allowing domain owners to control and monitor email authentication for their domains.