What happens if a forwarder doesn't support ARC?

Still have a question, spotted an error, or have a better explanation or a source we should cite?

The receiving mail server has to judge the forwarded email on its own. And without ARC context, what it sees isn't promising.

Forwarding typically breaks SPF (the forwarder's IP replaces the original server's IP). If the forwarder also modifies the message (adding footers, changing subject lines), DKIM breaks too. With both failing, DMARC has nothing to work with. What happens next depends on your DMARC policy:

  • p=none: The email still delivers. The failure gets logged in your DMARC reports, but nothing is blocked.
  • p=quarantine: The email likely lands in the spam folder at the recipient's mailbox.
  • p=reject: The email gets rejected outright. The recipient never sees it.

For senders running p=reject (which is where you should eventually land for security), this means legitimate forwarded mail gets silently blocked. It looks exactly like a spoofed message from the receiver's point of view. There's no way to distinguish the two without ARC.

There's no perfect fix on the sender side. You can't control which forwarding services your recipients use or whether those services implement ARC. Some senders temporarily relax their DMARC policy back to p=quarantine when forwarding failures show up in reports, accepting more spam-folder risk in exchange for fewer rejections. It's a real trade-off.

The best thing you can do: keep DKIM solid (it survives simple forwarding), monitor your DMARC aggregate reports for forwarding-related failures, and check whether high-volume forwarders your recipients use support ARC. If you're seeing a lot of forwarding rejections and aren't sure what to do, our SOS hotline is free.

Contributors

Who worked on this answer

Every name links to their profile. Every company links to their site. Real people, real accountability.

Ask an AI · tailored to your setup

Find out if forwarding failures are silently blocking your legitimate mail.

I read about what happens when forwarders don't support ARC on the Email Almanac. I'm concerned that legitimate forwarded emails from my domain might be getting blocked. My details: - My sending domain: your domain - My current DMARC policy: none/quarantine/reject/not set - Am I seeing unexplained DMARC failures or rejection reports? yes/no/not sure - Do any of my recipients use forwarding or mailing lists? yes/no/not sure - My email platform: e.g. Mailchimp, SendGrid, custom SMTP - Have any recipients reported not receiving my emails? yes/no Help me figure out if ARC-less forwarding is causing my legitimate emails to get rejected and what I should do about it.

Edit the yellow boxes, then send to the AI of your choice.