What is SPF/ DKIM?

SPF and DKIM offer solutions to help you secure your domains from fraudulent use and misrepresentation.

SPF stands for Sender Policy Framework. It allows Internet Service Providers to verify if a mail server (IP address) is authorized to send emails for a specific domain.

The administrator of a domain establishes a list of servers or IP addresses permitted to send email on behalf of the domain. If a fraudulent server attempts to send emails to the “receiving” sever for delivery, the email server confirms if the sender is on the domain’s list of permitted senders.

DKIM stands for Domain Keys Identified Mail. It is a free technology used to trace a piece of email back to the domain that sent it. An email is signed using a private domain key when it is sent. It is validated on the receiving mail server using a public key located within the DNS. This allows the user to determine if the content of the email was modified during its transfer. It prevents a hacker from modifying your email before it reaches your intended recipients.
The advantage of using DKIM over SPF is that the signatures can survive forwarding.

It establishes the authenticity of the sender using public key (asymmetric) cryptography, to be specific- RSA digital signatures.

However, these methods on their own are not fool proof, which is where DMARC comes in.

SPF
DKIM
DMARC

What is DMARC?

DMARC is the brainchild of PayPal in collaboration with Google, Microsoft and Yahoo. It is an email-validation system that aims to help organizations and brands understand and improve their email service channels. DMARC safeguards your organization from phishing and spoofing attacks that can harm your brand’s reputation.

DMARC is an email authentication standard for receiving mail servers to determine how to evaluate emails that claim to be from your domain.

Why DMARC?

DMARC is a powerful tool that helps your organization:

  1. Obtain complete clarity and control over all your email channels.
  2. Authenticate and improve the deliverability of your emails.
  3. Block inbound attacks and safeguard your brand name.
  4. Publish an efficient policy that instructs ISP’s to deliver or delete emails.