Skip to main content

Email Authentication & Brand Protection

What is Email Authentication?

One of the most important factors in protecting your email reputation is email authentication. In other words, confirming the real identity of the email sender.

There are three distinct frameworks that email authentication involves.

These are:

  • Sender Policy Framework

  • Doman Keys

  • Domain-Based Message Authentication Reporting & Conformance

Each framework has different purposes. However, when sending emails, it is suggested to include all three in your email sends.

Email Authentication Framework

Let’s go over each framework to better understand their purposes. This is made up of three different aspects: SPF, DKIM, and DMARC.;

Sender Framework Policy // SPF

Sender Policy Framework (SPF) tells mail exchangers, such as Google and Outlook, that hosts are allowed to send an email from a domain. Administrators generate SPF records in their public DNS.

Mail servers that receive emails from your domain, then use SPF to ensure that the email is coming from your domain.

SPF also protects your emails from being spoofed and getting sent to spam.

Domain Keys // DKIM

Domain Keys (DKIM) allows a company to take responsibility for an email in a way that can be verified by email providers through Cryptographic Authentication.

This provides companies with two things:

  • It guarantees the sender is who they say they are.

  • It guarantees the content of the message

Cryptographic Authentication adds a digital signature to your message header. This message, when received, validates and authorizes your domain name. Your DKIM signature is created using a unique string of characters that is stored as a public key.

Domain-Based Message Authentication, Reporting, and Conformance

Domain-Based Message Authentication, Reporting, and Conformance (DMARC) was created to prevent phishing attacks. DMRAC, built upon SPF & DKIM, standardizes the two.

There are three basic parts to DMARC.

  1. DMARC provides a way to confirm the from domain is authentic. It does so by using the DKIM & SPF authentication results.

    • You are able to define how the from domain has to align. There are two options: strict or relaxed

      • Strict: Domain match must be exact- if your from address is pugsareawesome@email.com but the actual sender was pugsareawesome@email.sender.com, then your email message would be considered unaligned

      • Relaxed: Allows for subdomain matches. This means the addresses above would be aligned.

  2. DMARC lets you choose what to do with emails that receivers and spam filters receive that are not DMARC-aligned. If aligned, through DMARC you can publish a policy for the inbox provider to always delete unaligned email or always put unaligned email in the spam folder.

  3. A reporting feature that allows you to find sources of legitimate, non-DMRAC-aligned mail, so it can be fixed and be aligned. Reporting can also help you track down and prevent phishing attacks.

Product

How it WorksPricingFAQDocumentationMarketo Alternative
Paminga Logo

Built with pride in Denver, Colorado, USA

Copyright © Paminga 2024
All rights reserved. Various trademarks held by their respective owners.