SPF, DKIM, and DMARC are three key technologies used in email. They verify the sender’s identity and help reduce spam and phishing.
SPF (Sender Policy Framework)
Imagine you have a list of trusted friends who can send letters from your house. SPF is like that list, but for email.
Your email domain (like ‘@example.com’) uses this method to state that ‘Only specific mail servers may send emails on its behalf‘.
When you send an email, the recipient’s email system checks this list. If the email comes from a server not on the list, the recipient’s email system may mark it as spam or fake.
DKIM (DomainKeys Identified Mail)
Think of DKIM as a secret wax seal for your emails.
When you send an email, your server puts a digital signature (like a unique seal) on the message.
The recipient’s email system checks this signature using a public key available in your domain’s DNS records.
If the signature matches, it confirms that the email remains unaltered. Additionally, it verifies that the email truly originates from your domain.
DMARC (Domain-based Message Authentication, Reporting, and Conformance)
DMARC is like a set of instructions you give to others about how to handle your emails.
It uses SPF and DKIM to verify emails. If an email fails these checks, DMARC tells the recipient what to do with it – like reject it or put it in spam.
DMARC also requests reports from email receivers about how they handle your emails. These reports help you detect if someone is trying to impersonate your domain.
SUMMARY
- SPF is a list of servers allowed to send emails from your domain.
- DKIM provides a digital signature that confirms the email originates from your domain and proves that no one altered it.
- DMARC tells email receivers what to do if an email doesn’t pass SPF or DKIM checks and asks for reports on these actions.
If you need further assistance with adding these records, please contact us. And our friendly support team is here to help you set up SPF, DKIM, and DMARC correctly.