What is email authentication?

Chat icon

Today ISPs are seriously working to get rid of their networks of spam. Email authentication can help these ISPs to validate that the emails are originating from a legitimate source and the recipient can validate the mail source. If an email message appears to come from one domain, while actually it is delivered from another, the recipient can verify if the mail source is valid based on additional header information passed in the email. This is a great technique to prevent spoofing and phishing scams.

ISP’s use different techniques to authenticate the incoming emails:

Sender Policy Framework (SPF) to help protect your domain against spoofing, and help prevent your outgoing messages from being marked as spam. SPF specifies the mail servers that are allowed to send emails for your domain.

DomainKeys Identified Mail (DKIM) is an authentication standard used to prevent email spoofing. Specifically, DKIM attempts to prevent the spoofing of a domain that's used to deliver email.

A DMARC record is the core of a DMARC implementation in which the DMARC record rulesets are defined. This DMARC record informs email receivers if a domain is set up for DMARC. If so, the DMARC record contains the policy that the domain owner wants to use.

In essence, a DMARC record a DNS (Domain Name Service) entry. One can start using DMARC by implementing a DMARC DNS record. This DMARC record will be used by email receivers that have adopted DMARC. This will result in keeping track of all the messages which have been sent to your domain taking your DMARC policy into account.

Google postmaster record is to track data on large volumes of emails sent and find data about your sending domain. You can view details like Gmail delivery errors, spam reports, feedback loop, and more.

Records are the most basic type of DNS record and are used to point a domain or subdomain to an IP address.

Mail Exchanger (MX) records are used to help route email according to the domain owners’ preference. The MX record itself specifies which server(s) to attempt to use to deliver mail to when this type of request is made to the domain. They differ from A Records and CNAMEs in the way that they also require a “priority” value as a part of their entry. The priority number is used to indicate which of the servers listed as MX records it should attempt to use first.