There is a world of community support around ARC. Especially since ARC deals with chained messages and complex mail routing, interoperability testing events have been useful in making sure systems can talk to each other at the protocol level. But these interops alone haven’t been sufficient to ensure that ARC works as expected through all email routing scenarios. This is where the ARC test suite has proven useful in identifying specific issues and potential bugs to focus on at each interop. There are also numerous mature open source libraries that support ARC:
And adoption of ARC has already begun. Google and Fastmail are currently using it publicly, and other operators are testing it internally, with public rollouts to come. Sympa already has ARC support, and Mailman3 merged in ARC support in mid-June 2019.
The journey to RFC 8617 included extensive investigation and interop amongst the ecosystem over the course of several years. Early implementations made a large difference for participants in understanding their internal mail flows.
Brandon Long of Google, co-editor of RFC 8617, says, “ARC allows authorization information to flow when internal routing is particularly complex, solving previously intractable authorization problems with multi-tenant, multi-party email routing. Further, this is even useful to preserve authentication information within a single administrative management domain (ADMD), especially when messages traverse virtual ADMDs within a single system. ARC has also proven useful in preventing messages from improperly gaining authorization by transiting through a permissively allowed forwarder.”
We expect these benefits in turn to make an enormous difference to the ecosystem generally, and improve the amount of authenticated mail that is received overall.
Finally, in addition to improving the reliability and ubiquity of authentication, RFC 8617 will have tangible benefits for end users. Mailing lists that have inconsistent reply-to behaviors, perform “header munging,” or have home-grown behaviors, such as how the IETF lists behave, will be able to return to original behavior after ARC adoption grows. And people who have been using personal email addresses to participate on mailing lists (because their work addresses are at DMARC p=reject or p=quarantine) will find that they can now use work email addresses. Once ARC is in place and widely supported, you’ll be able to use mailing lists normally, even from addresses with DMARC enforcement, so long as the mailing list and your receiving system both support ARC. This should resolve a major headache that the IETF and other major industry lists have been having ever since DMARC was published.