{"id":1983,"date":"2020-10-14T21:55:30","date_gmt":"2020-10-14T18:55:30","guid":{"rendered":"https:\/\/mailsafi.com\/blog\/?p=1983"},"modified":"2021-02-11T11:13:37","modified_gmt":"2021-02-11T08:13:37","slug":"email-authentication-the-anti-phishing-solution","status":"publish","type":"post","link":"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/","title":{"rendered":"Email Authentication: The Ultimate Anti-Phishing Solution"},"content":{"rendered":"\n<p>Email authentication is the process by which a sender is validated through published records, such as SPF, DKIM, and DMARC, that they are who they imply to be. With subject lines such as \u201cSuspicious Account Activity,\u201d \u201cInvitation to Connect,\u201d or \u201cUrgent Wire Transfer Required,\u201d phishing emails can trick people into divulging usernames, passwords, and other sensitive information to scammers. In addition, this harms the reputations of the businesses whose identities are spoofed. <\/p>\n\n\n\n<p>These messages often include spoofed addresses and appear to include links to the businesses\u2019 web sites, making it difficult to tell the difference between real messages and spoofed ones. The best way to prevent people from falling for phishing messages is to keep these scam emails from ever showing up in their inboxes. Validating emails helps organizations to take control of their sending domains and protect their brand reputation. Using SPF, DKIM, and DMARC, businesses can determine who is authorized to send emails on behalf of their domain.<\/p>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_49 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"ez-toc-toggle-icon-1\"><label for=\"item-69d6df1752aa2\" aria-label=\"Table of Content\"><span style=\"display: flex;align-items: center;width: 35px;height: 30px;justify-content: center;direction:ltr;\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/label><input  type=\"checkbox\" id=\"item-69d6df1752aa2\"><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><ul class='ez-toc-list-level-4'><li class='ez-toc-heading-level-4'><ul class='ez-toc-list-level-4'><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#Email_authentication_is_critical_as_email_addresses_are_easy_to_forge\" title=\"Email authentication is critical as email addresses are easy to forge\">Email authentication is critical as email addresses are easy to forge<\/a><\/li><\/ul><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#How_does_email_authentication_stop_phishing_and_spoofed_emails\" title=\"How does email authentication stop phishing and spoofed emails?\">How does email authentication stop phishing and spoofed emails?<\/a><ul class='ez-toc-list-level-4'><li class='ez-toc-heading-level-4'><ul class='ez-toc-list-level-4'><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#1_Sender_Policy_Framework_SPF_Authentication\" title=\"1. Sender Policy Framework (SPF) Authentication\">1. Sender Policy Framework (SPF) Authentication<\/a><ul class='ez-toc-list-level-5'><li class='ez-toc-heading-level-5'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#How_SPF_authentication_works\" title=\"How SPF authentication works\">How SPF authentication works<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-5'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#SPF_authentication_is_not_foolproof\" title=\"SPF authentication is not foolproof\">SPF authentication is not foolproof<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#2_DomainKey_Identified_Mail_DKIM_Authentication\" title=\"2. DomainKey Identified Mail (DKIM) Authentication\">2. DomainKey Identified Mail (DKIM) Authentication<\/a><ul class='ez-toc-list-level-5'><li class='ez-toc-heading-level-5'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#How_DKIM_email_authentication_occurs\" title=\"How DKIM email authentication occurs\">How DKIM email authentication occurs<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-5'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#Step_by_step_process_of_DKIM_authentication\" title=\"Step by step process of DKIM authentication\">Step by step process of DKIM authentication<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#3_Domain-based_Message_Authentication_Reporting_and_Conformance_DMARC\" title=\"3. Domain-based Message Authentication Reporting and Conformance (DMARC)\">3. Domain-based Message Authentication Reporting and Conformance (DMARC)<\/a><ul class='ez-toc-list-level-5'><li class='ez-toc-heading-level-5'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#SPF_and_DKIM_alignment_is_DMARC_authentication\" title=\"SPF and DKIM alignment is DMARC authentication\">SPF and DKIM alignment is DMARC authentication<\/a><\/li><\/ul><\/li><\/ul><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#The_Takeaway\" title=\"The Takeaway\">The Takeaway<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#Conclusion\" title=\"Conclusion\">Conclusion<\/a><\/li><\/ul><\/nav><\/div>\n<h4 class=\"wp-block-heading\" style=\"font-size:32px\"><span class=\"ez-toc-section\" id=\"Email_authentication_is_critical_as_email_addresses_are_easy_to_forge\"><\/span><strong><span class=\"has-inline-color has-vivid-red-color\">Email authentication is critical as email addresses are easy to forge<\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>Altering an email address and making it appear as a trusted source to the receiver is something you and I can do. It does not require any technical or black hat expertise. How come? This is because the basic protocol that makes sending and receiving emails between computers easier only requires that the email address in the &#8216;To&#8217; line be valid. All other information can be inaccurate. This protocol is known as the Simple Mail Transfer Protocol. <\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"710\" height=\"400\" src=\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/spam-phishing-img-02.jpg\" alt=\"\" class=\"wp-image-1892\" srcset=\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/spam-phishing-img-02.jpg 710w, https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/spam-phishing-img-02-300x169.jpg 300w\" sizes=\"(max-width: 710px) 100vw, 710px\" \/><figcaption>spam-phishing<\/figcaption><\/figure>\n\n\n\n<p>Scammers take advantage of this design by altering the &#8220;From&#8221; address. With emails, there are two types of &#8216;From&#8217; information, that is, the &#8216;envelope from&#8217; and the &#8216;header from&#8217;. The &#8216;Envelope From&#8217; indicates which server the email originated from. It is the return address that tells mail servers where to return, or bounce, the message back to. It\u2019s contained in the hidden email message header, which includes other technical details servers use to understand who the message is for, what software was used to compose it, etc.<\/p>\n\n\n\n<p>On the other hand, the &#8216;Header From&#8217; is the information a user will see on the &#8216;From:&#8217; line of an email. With SMTP, these two types of &#8216;From&#8217; information don&#8217;t have to match and can both be inaccurate. It is quite easy for cybercriminals to forge this information and send out large numbers of phish emails. <\/p>\n\n\n\n<p>This is why businesses require additional authentication protocols in their anti-phishing emails. These protocols supplement SMTP to provide the best protection against phishing emails. <\/p>\n\n\n\n<h2 class=\"has-vivid-red-color has-text-color wp-block-heading\" style=\"font-size:32px\"><span class=\"ez-toc-section\" id=\"How_does_email_authentication_stop_phishing_and_spoofed_emails\"><\/span>How does email authentication stop phishing and spoofed emails?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1000\" height=\"750\" src=\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/email-security-xs.jpg\" alt=\"email authentication system verifying emails\" class=\"wp-image-1918\" srcset=\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/email-security-xs.jpg 1000w, https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/email-security-xs-300x225.jpg 300w, https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/email-security-xs-768x576.jpg 768w\" sizes=\"(max-width: 1000px) 100vw, 1000px\" \/><\/figure>\n\n\n\n<p>Email authentication involves three protocols that work together to stop spoofing which is used to create phish emails. They help to:<\/p>\n\n\n\n<ol><li>Provide insights about emails that failed authentication which helps your IT department to monitor and observe spoofing efforts.<\/li><li>Identify legitimate emails that end up in junk folders falsely after being marked as unauthenticated.<\/li><li>Verify the sender and contents of an email <\/li><li>Control what happens to unauthenticated emails<\/li><\/ol>\n\n\n\n<p>These three important email authentication protocols are;<\/p>\n\n\n\n<ul><li><strong>SPF (Sender Policy Framework)<\/strong><\/li><li><strong>(DKIM) DomainKeys Identified Mail<\/strong><\/li><li><strong>DMARC (Domain-based Message Authentication Reporting and Conformance) authentication<\/strong><\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"font-size:22px\"><span class=\"ez-toc-section\" id=\"1_Sender_Policy_Framework_SPF_Authentication\"><\/span><span style=\"color:#05045b\" class=\"has-inline-color\">1. Sender Policy Framework (SPF) Authentication<\/span><span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>SPF helps organizations declare which email servers or hosts can send emails from their domain. It also provides a way for the receiving organization to check for this authentication and accept the email. Thus, SPF also ensures that an email reaches the intended mailbox.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignleft size-medium\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"105\" src=\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/spf@2x-300x105.png\" alt=\"SPF authenticating email servers\" class=\"wp-image-1984\" srcset=\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/spf@2x-300x105.png 300w, https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/spf@2x.png 583w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><figcaption>mail servers<\/figcaption><\/figure><\/div>\n\n\n\n<p>With SPF authentication, your organization verifies and authorizes hosts or mail servers and networks to use its domain names when sending emails. Additionally, it also provides a way that a receiving host (server) can check that authorization. In other words, when you create an SPF record, it lists which email servers are allowed to send emails from that domain. Therefore, this system helps to prevent spoofing of sender email addresses by alerting your organization that the domain it claims to be from has not authorized the IP address to send emails on behalf of that domain.<\/p>\n\n\n\n<h5 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_SPF_authentication_works\"><\/span><span class=\"has-inline-color has-vivid-red-color\">How SPF authentication works<\/span><span class=\"ez-toc-section-end\"><\/span><\/h5>\n\n\n\n<p>SPF is an email authentication protocol that allows the owner of a domain to specify which mail servers they use to send mail from that domain.<\/p>\n\n\n\n<p>Brands sending emails publish SPF records in the Domain Name System (DNS). These records list which IP addresses are authorized to send emails on behalf of their domains.<\/p>\n\n\n\n<p>During an SPF check, email providers verify the SPF records by looking up the domain name listed in the \u201cenvelope from\u201d address in the Domain Name System (DNS). The domain name system (DNS) is a naming database where internet domain names are located and translated into IP addresses. If the IP address sending email on behalf of the \u201cenvelope from\u201d domain isn\u2019t listed in that SPF record, the message fails SPF authentication.<\/p>\n\n\n\n<p><strong><span class=\"has-inline-color has-vivid-red-color\">Step by step SPF authentication<\/span><\/strong><\/p>\n\n\n\n<p>1. <strong>Creating the SPF record<\/strong>; Your domain administrator creates an SPF record that lists all the mail IP addresses allowed to send emails from the domain mailsafi.com. <\/p>\n\n\n\n<p>2. <strong>Implementing the SPF record<\/strong>; Your domain, mailsafi.com, which is the sending domain adds the SPF records to its DNS.<\/p>\n\n\n\n<p>3. <strong>Verifying the SPF record<\/strong>; During an SPF check, your email service provider verifies the SPF record by looking up the domain name listed in the \u201cenvelope from\u201d address in the DNS. If the IP address sending email on behalf of the \u201cenvelope from\u201d domain isn\u2019t listed in that SPF record, the message fails SPF authentication.<\/p>\n\n\n\n<h5 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"SPF_authentication_is_not_foolproof\"><\/span><strong><span class=\"has-inline-color has-vivid-red-color\">SPF authentication is not foolproof<\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h5>\n\n\n\n<p>As effective as SPF authentication is, it has its shortcomings. They are;<\/p>\n\n\n\n<ul><li>Updating SPF records is difficult due to a lack of visibility. For example when businesses change service providers or add new mail streams<\/li><li>When a message fails SPF, this does not mean it is always blocked from reaching your inbox. SPF is just one of several factors email providers take into account.<\/li><li>SPF verifies incoming emails except when a user forwards the message or uses automated forwarding<\/li><li>It does nothing to protect brands against cybercriminals who spoof the display name or \u201cheader from\u201d address in their message. It is the more frequently spoofed \u201cfrom\u201d address since it\u2019s the address most visible to the email recipient.<\/li><\/ul>\n\n\n\n<p>In conclusion, SPF authentication not only allows an organization to authorize hosts (servers) and networks to use its domain names when sending emails but also provides a way that a receiving host can check that authorization. However, SPF is not a stand-alone defense system against phishing.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"font-size:22px\"><span class=\"ez-toc-section\" id=\"2_DomainKey_Identified_Mail_DKIM_Authentication\"><\/span><span style=\"color:#100356\" class=\"has-inline-color\">2. DomainKey Identified Mail (DKIM) Authentication<\/span><span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>This is the second protocol in the email authentication process. DKIM provides a digital signature that claims responsibility for an email also known as the DKIM signature. A DKIM signature is a header added to email messages. The header contains values that allow a receiving mail server to validate the email message by looking up a sender\u2019s DKIM key and using it to verify the encrypted signature.<\/p>\n\n\n\n<p>In addition, it guarantees an email has not been altered. Therefore, it allows an organization to take responsibility for transmitting a message in a way that can be verified by your email provider.<\/p>\n\n\n\n<h5 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_DKIM_email_authentication_occurs\"><\/span><span class=\"has-inline-color has-vivid-red-color\">How DKIM email authentication occurs<\/span><span class=\"ez-toc-section-end\"><\/span><\/h5>\n\n\n\n<p>As mentioned, to use DKIM, email servers attach special DKIM signatures to the emails they send. These signatures travel with the emails and are verified along the way by the email servers that move the emails toward their final destination. These signatures act as a watermark for email so that email receivers can verify that the email actually came from the domain it says it does and that it hasn\u2019t been tampered with.<\/p>\n\n\n\n<p>Each signature contains all the information needed for an email server to verify that the signature is real, and it is encrypted by a pair of keys. The originating email server has what is called the \u201cprivate key,\u201d which can be verified by the receiving mail server or ISP with the other half of the key pair, which is called the \u201cpublic key.\u201d<\/p>\n\n\n\n<h5 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Step_by_step_process_of_DKIM_authentication\"><\/span><span class=\"has-inline-color has-vivid-red-color\">Step by step process of DKIM authentication<\/span><span class=\"ez-toc-section-end\"><\/span><\/h5>\n\n\n\n<p>The process begins by deciding what elements of an email to assign the DKIM signature. This can be the entire message or specific fields of the email header. Whichever the case, the elements chosen for the DKIM signing process must remain the same during transit in order to pass DKIM signature authentication<\/p>\n\n\n\n<p>After choosing which elements to include in the signing process, the sender configures their email platform to automatically create a hash of these elements<\/p>\n\n\n\n<p><strong>The encryption process<\/strong><\/p>\n\n\n\n<p>Cryptography is at the center of the encryption process. Before sending the email, a private key encrypts the hash string. The private key is then assigned to a unique combination of domain and selector. The DKIM selector is specified in the DKIM-Signature header and indicates where the public key portion of the DKIM key pair exists in DNS. The receiving server uses the DKIM selector to locate and retrieve the public key to verify that the email message is authentic and unaltered.<\/p>\n\n\n\n<p><strong><span class=\"has-inline-color has-vivid-red-color\">Authenticating the DKIM signature <\/span><\/strong><\/p>\n\n\n\n<p>A public key authenticates the DKIM signature. To validate the signature, the mailbox provider will run a DNS query to find the public key for that domain\/selector combination. This public key is unique and is the only match for the private key that signed the email, also known as a keypair match we mentioned earlier. The keypair match enables the email provider to decrypt the DKIM signature back to the original hash string.<\/p>\n\n\n\n<p>The message recipient then takes the elements of the email signed by DKIM and generates its own hash of these elements. <\/p>\n\n\n\n<p>Finally, the recipient compares the hash it generated with the decrypted hash from the DKIM signature. If they match, we know that the sender truly owns the email and that the signed elements remain unchanged during transit.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"font-size:22px\"><span class=\"ez-toc-section\" id=\"3_Domain-based_Message_Authentication_Reporting_and_Conformance_DMARC\"><\/span><span style=\"color:#020753\" class=\"has-inline-color\">3. Domain-based Message Authentication Reporting and Conformance (DMARC)<\/span><span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignleft size-medium\"><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"275\" src=\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/DMARC-Policy-300x275.png\" alt=\"DMARC email authentication\" class=\"wp-image-1985\" srcset=\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/DMARC-Policy-300x275.png 300w, https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/DMARC-Policy.png 500w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><figcaption>DMARC policy<\/figcaption><\/figure><\/div>\n\n\n\n<p>DMARC is all about verifying that the email address in the &#8220;From&#8221; header actually comes from the actual sender. This is how DMARC completes a comprehensive anti-phishing defense system as neither SPF nor DKIM can prevent spoofing of the header &#8220;From&#8221;.<\/p>\n\n\n\n<p>DMARC ensures email is properly authenticating against established DKIM and SPF standards. It ensures that fraudulent emails appearing to come from domains under your organization\u2019s control are blocked. Two main aspects of DMARC makes this process. That is, domain alignment and reporting.<\/p>\n\n\n\n<h5 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"SPF_and_DKIM_alignment_is_DMARC_authentication\"><\/span>SPF and DKIM alignment is DMARC authentication<span class=\"ez-toc-section-end\"><\/span><\/h5>\n\n\n\n<p>This process involves;<\/p>\n\n\n\n<ul><li>Matching the \u201cheader from\u201d domain name with the \u201cenvelope from\u201d domain name used during an SPF check<\/li><li>Matching the \u201cheader from\u201d domain name with the \u201cd= domain name\u201d in the DKIM signature.<\/li><\/ul>\n\n\n\n<p>To pass DMARC, an email must pass SPF authentication and SPF alignment and\/or DKIM authentication and DKIM alignment. A message will fail DMARC if the message fails both (1) SPF or SPF alignment&nbsp;and (2) DKIM or DKIM alignment.<\/p>\n\n\n\n<p>Moreover, DMARC allows senders to instruct email providers on how to handle unauthenticated mail using a DMARC policy. This eliminates any guesswork on how they should handle messages that fail DMARC authentication. Senders can either:<\/p>\n\n\n\n<ul><li>Block delivery of unauthenticated messages (noted in the DMARC listing as \u201cp=reject\u201d),<\/li><li>Quarantine or place unauthenticated messages in the recipient\u2019s junk email folder (noted in the DMARC listing as \u201cp=quarantine\u201d), or<\/li><li>Give no specific guidance on how to treat unauthenticated messages (noted in the DMARC listing as \u201cp=none\u201d). <\/li><\/ul>\n\n\n\n<p>Additionally, we mentioned that email authentication provides useful insights into spoofing efforts. Organizations can use the \u201cp=none\u201d instruction in conjunction with a request for receiving domains to send it reports about authentication failures. This enables the sending domain to monitor whether its SPF and DKIM DNS entries are working properly.<\/p>\n\n\n\n<p>To conclude, DMARC is the latest and only widely deployed technology that can verify the \u201cheader from\u201d address (what users see in their emails). Not only does this help protect customers and the brand, it discourages cybercriminals&nbsp;who are less likely to go after a brand with a DMARC record<\/p>\n\n\n\n<h2 class=\"has-vivid-red-color has-text-color wp-block-heading\" style=\"font-size:32px\"><span class=\"ez-toc-section\" id=\"The_Takeaway\"><\/span>The Takeaway<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<ul><li>Firstly, email authentication prevents the entry of spoofed and phish emails into your mailbox<\/li><li>An SPF record determines which email servers are authorized in sending  emails on behalf of your domain<\/li><li>A DKIM record confirms that the message is unaltered<\/li><li>Creating a DMARC record prevents spoofing of the header &#8220;from&#8221; email address which is the display name that users see<\/li><li>Implementing DMARC policy instructs your domain&#8217;s receiving servers on what to do with emails that fail authentication<\/li><li>A DMARC policy can either quarantine, reject, or do nothing to unauthenticated emails<\/li><li>To implement a full-proof anti-phishing solution, you need the full capacity of all three email authentication methods<\/li><\/ul>\n\n\n\n<h2 class=\"has-vivid-red-color has-text-color wp-block-heading\" style=\"font-size:32px\"><span class=\"ez-toc-section\" id=\"Conclusion\"><\/span>Conclusion<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Email authentication technology is affordable and available to businesses of all sizes. With third-party email service providers, implementing email authentication solutions can be complex. This is because changes made on these systems affect your business. To solve this challenge, it is advisable to ask your provider to set no specific guidance on how unauthenticated emails are treated at first. <\/p>\n\n\n\n<p>Monitor and observe how the systems work while noting if there are any legit emails failing authentication. Depending on what business your domain engages in and its popularity, you can adjust your DMARC listings accordingly with time.<\/p>\n\n\n\n<p>Finally, it is important to note that email authentication is crucial for a Software as a Service (SaaS) company. This is because it confirms that your users receive emails truly sent from your product. Implementing all three forms of authentication is the best way to protect your application&#8217;s reputation.<\/p>\n\n\n\n<p>MailSafi protects your mailbox and network with SPF, DKIM, and DMARC authentication. Implementing these protocols can be complex. <span class=\"has-inline-color has-vivid-red-color\"><a rel=\"noreferrer noopener\" href=\"https:\/\/www.mailsafi.com\/contact-us\" target=\"_blank\"><strong>Contact us<\/strong><\/a><\/span> to learn more about <a rel=\"noreferrer noopener\" href=\"https:\/\/www.mailsafi.com\/\" target=\"_blank\"><strong><span class=\"has-inline-color has-vivid-cyan-blue-color\">MailSafi Email Security<\/span><\/strong><\/a> mail validation technology.<\/p>\n<div class=\"pvc_clear\"><\/div><p id=\"pvc_stats_1983\" class=\"pvc_stats all  \" data-element-id=\"1983\" style=\"\"><i class=\"pvc-stats-icon large\" aria-hidden=\"true\"><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" version=\"1.0\" viewBox=\"0 0 502 315\" preserveAspectRatio=\"xMidYMid meet\"><g transform=\"translate(0,332) scale(0.1,-0.1)\" fill=\"\" stroke=\"none\"><path d=\"M2394 3279 l-29 -30 -3 -207 c-2 -182 0 -211 15 -242 39 -76 157 -76 196 0 15 31 17 60 15 243 l-3 209 -33 29 c-26 23 -41 29 -80 29 -41 0 -53 -5 -78 -31z\"\/><path d=\"M3085 3251 c-45 -19 -58 -50 -96 -229 -47 -217 -49 -260 -13 -295 52 -53 146 -42 177 20 16 31 87 366 87 410 0 70 -86 122 -155 94z\"\/><path d=\"M1751 3234 c-13 -9 -29 -31 -37 -50 -12 -29 -10 -49 21 -204 19 -94 39 -189 45 -210 14 -50 54 -80 110 -80 34 0 48 6 76 34 21 21 34 44 34 59 0 14 -18 113 -40 219 -37 178 -43 195 -70 221 -36 32 -101 37 -139 11z\"\/><path d=\"M1163 3073 c-36 -7 -73 -59 -73 -102 0 -56 133 -378 171 -413 34 -32 83 -37 129 -13 70 36 67 87 -16 290 -86 209 -89 214 -129 231 -35 14 -42 15 -82 7z\"\/><path d=\"M3689 3066 c-15 -9 -33 -30 -42 -48 -48 -103 -147 -355 -147 -375 0 -98 131 -148 192 -74 13 15 57 108 97 206 80 196 84 226 37 273 -30 30 -99 39 -137 18z\"\/><path d=\"M583 2784 c-38 -19 -67 -74 -58 -113 9 -42 211 -354 242 -373 16 -10 45 -18 66 -18 51 0 107 52 107 100 0 39 -1 41 -124 234 -80 126 -108 162 -133 173 -41 17 -61 16 -100 -3z\"\/><path d=\"M4250 2784 c-14 -9 -74 -91 -133 -183 -95 -150 -107 -173 -107 -213 0 -55 33 -94 87 -104 67 -13 90 8 211 198 130 202 137 225 78 284 -27 27 -42 34 -72 34 -22 0 -50 -8 -64 -16z\"\/><path d=\"M2275 2693 c-553 -48 -1095 -270 -1585 -649 -135 -104 -459 -423 -483 -476 -23 -49 -22 -139 2 -186 73 -142 361 -457 571 -626 285 -228 642 -407 990 -497 242 -63 336 -73 660 -74 310 0 370 5 595 52 535 111 1045 392 1455 803 122 121 250 273 275 326 19 41 19 137 0 174 -41 79 -309 363 -465 492 -447 370 -946 591 -1479 653 -113 14 -422 18 -536 8z m395 -428 c171 -34 330 -124 456 -258 112 -119 167 -219 211 -378 27 -96 24 -300 -5 -401 -72 -255 -236 -447 -474 -557 -132 -62 -201 -76 -368 -76 -167 0 -236 14 -368 76 -213 98 -373 271 -451 485 -162 444 86 934 547 1084 153 49 292 57 452 25z m909 -232 c222 -123 408 -262 593 -441 76 -74 138 -139 138 -144 0 -16 -233 -242 -330 -319 -155 -123 -309 -223 -461 -299 l-81 -41 32 46 c18 26 49 83 70 128 143 306 141 649 -6 957 -25 52 -61 116 -79 142 l-34 47 45 -20 c26 -10 76 -36 113 -56z m-2057 25 c-40 -58 -105 -190 -130 -263 -110 -324 -59 -707 132 -981 25 -35 42 -64 37 -64 -19 0 -241 119 -326 174 -188 122 -406 314 -532 468 l-58 71 108 103 c185 178 428 349 672 473 66 33 121 60 123 61 2 0 -10 -19 -26 -42z\"\/><path d=\"M2375 1950 c-198 -44 -350 -190 -395 -379 -18 -76 -8 -221 19 -290 114 -284 457 -406 731 -260 98 52 188 154 231 260 27 69 37 214 19 290 -38 163 -166 304 -326 360 -67 23 -215 33 -279 19z\"\/><\/g><\/svg><\/i> <img loading=\"lazy\" decoding=\"async\" width=\"16\" height=\"16\" alt=\"Loading\" src=\"https:\/\/mailsafi.com\/blog\/wp-content\/plugins\/page-views-count\/ajax-loader-2x.gif\" border=0 \/><\/p><div class=\"pvc_clear\"><\/div>","protected":false},"excerpt":{"rendered":"<p>Email authentication is a technical solution that prevents forged and phish emails from reaching your mailbox. Authenticating sent and received emails is critical as it protects your organization&#8217;s brand and reputation. Research shows that over 80% of employees in an organization cannot identify phishing emails. With provoking subject lines, forged email addresses and unsuspecting employees, organizations continue to lose millions of dollars due to phishing scams.<\/p>\n<div class=\"pvc_clear\"><\/div>\n<p id=\"pvc_stats_1983\" class=\"pvc_stats all  \" data-element-id=\"1983\" style=\"\"><i class=\"pvc-stats-icon large\" aria-hidden=\"true\"><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" version=\"1.0\" viewBox=\"0 0 502 315\" preserveAspectRatio=\"xMidYMid meet\"><g transform=\"translate(0,332) scale(0.1,-0.1)\" fill=\"\" stroke=\"none\"><path d=\"M2394 3279 l-29 -30 -3 -207 c-2 -182 0 -211 15 -242 39 -76 157 -76 196 0 15 31 17 60 15 243 l-3 209 -33 29 c-26 23 -41 29 -80 29 -41 0 -53 -5 -78 -31z\"\/><path d=\"M3085 3251 c-45 -19 -58 -50 -96 -229 -47 -217 -49 -260 -13 -295 52 -53 146 -42 177 20 16 31 87 366 87 410 0 70 -86 122 -155 94z\"\/><path d=\"M1751 3234 c-13 -9 -29 -31 -37 -50 -12 -29 -10 -49 21 -204 19 -94 39 -189 45 -210 14 -50 54 -80 110 -80 34 0 48 6 76 34 21 21 34 44 34 59 0 14 -18 113 -40 219 -37 178 -43 195 -70 221 -36 32 -101 37 -139 11z\"\/><path d=\"M1163 3073 c-36 -7 -73 -59 -73 -102 0 -56 133 -378 171 -413 34 -32 83 -37 129 -13 70 36 67 87 -16 290 -86 209 -89 214 -129 231 -35 14 -42 15 -82 7z\"\/><path d=\"M3689 3066 c-15 -9 -33 -30 -42 -48 -48 -103 -147 -355 -147 -375 0 -98 131 -148 192 -74 13 15 57 108 97 206 80 196 84 226 37 273 -30 30 -99 39 -137 18z\"\/><path d=\"M583 2784 c-38 -19 -67 -74 -58 -113 9 -42 211 -354 242 -373 16 -10 45 -18 66 -18 51 0 107 52 107 100 0 39 -1 41 -124 234 -80 126 -108 162 -133 173 -41 17 -61 16 -100 -3z\"\/><path d=\"M4250 2784 c-14 -9 -74 -91 -133 -183 -95 -150 -107 -173 -107 -213 0 -55 33 -94 87 -104 67 -13 90 8 211 198 130 202 137 225 78 284 -27 27 -42 34 -72 34 -22 0 -50 -8 -64 -16z\"\/><path d=\"M2275 2693 c-553 -48 -1095 -270 -1585 -649 -135 -104 -459 -423 -483 -476 -23 -49 -22 -139 2 -186 73 -142 361 -457 571 -626 285 -228 642 -407 990 -497 242 -63 336 -73 660 -74 310 0 370 5 595 52 535 111 1045 392 1455 803 122 121 250 273 275 326 19 41 19 137 0 174 -41 79 -309 363 -465 492 -447 370 -946 591 -1479 653 -113 14 -422 18 -536 8z m395 -428 c171 -34 330 -124 456 -258 112 -119 167 -219 211 -378 27 -96 24 -300 -5 -401 -72 -255 -236 -447 -474 -557 -132 -62 -201 -76 -368 -76 -167 0 -236 14 -368 76 -213 98 -373 271 -451 485 -162 444 86 934 547 1084 153 49 292 57 452 25z m909 -232 c222 -123 408 -262 593 -441 76 -74 138 -139 138 -144 0 -16 -233 -242 -330 -319 -155 -123 -309 -223 -461 -299 l-81 -41 32 46 c18 26 49 83 70 128 143 306 141 649 -6 957 -25 52 -61 116 -79 142 l-34 47 45 -20 c26 -10 76 -36 113 -56z m-2057 25 c-40 -58 -105 -190 -130 -263 -110 -324 -59 -707 132 -981 25 -35 42 -64 37 -64 -19 0 -241 119 -326 174 -188 122 -406 314 -532 468 l-58 71 108 103 c185 178 428 349 672 473 66 33 121 60 123 61 2 0 -10 -19 -26 -42z\"\/><path d=\"M2375 1950 c-198 -44 -350 -190 -395 -379 -18 -76 -8 -221 19 -290 114 -284 457 -406 731 -260 98 52 188 154 231 260 27 69 37 214 19 290 -38 163 -166 304 -326 360 -67 23 -215 33 -279 19z\"\/><\/g><\/svg><\/i> <img loading=\"lazy\" decoding=\"async\" width=\"16\" height=\"16\" alt=\"Loading\" src=\"https:\/\/mailsafi.com\/blog\/wp-content\/plugins\/page-views-count\/ajax-loader-2x.gif\" border=0 \/><\/p>\n<div class=\"pvc_clear\"><\/div>\n","protected":false},"author":1,"featured_media":1920,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[3],"tags":[209,207,208,201,206],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.2 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Email Authentication: The Ultimate Anti-Phishing Solution &#187; The MailSafi Blog<\/title>\n<meta name=\"description\" content=\"The process of email authentication is like showing your identification card at the entrance of a building. It confirms you are who you say you are. In a world where cybercriminals can easily alter email addresses, email authentication is a necessary tool that weeds out fraudulent messages.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Email Authentication: The Ultimate Anti-Phishing Solution &#187; The MailSafi Blog\" \/>\n<meta property=\"og:description\" content=\"The process of email authentication is like showing your identification card at the entrance of a building. It confirms you are who you say you are. In a world where cybercriminals can easily alter email addresses, email authentication is a necessary tool that weeds out fraudulent messages.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/\" \/>\n<meta property=\"og:site_name\" content=\"The MailSafi Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/msgafricaltd\/\" \/>\n<meta property=\"article:published_time\" content=\"2020-10-14T18:55:30+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-02-11T08:13:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/Email_Security2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"662\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"the_leaders\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@msgafricaltd\" \/>\n<meta name=\"twitter:site\" content=\"@msgafricaltd\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"the_leaders\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/\"},\"author\":{\"name\":\"the_leaders\",\"@id\":\"https:\/\/mailsafi.com\/blog\/#\/schema\/person\/d2ec682ba327149927593938af3f9d14\"},\"headline\":\"Email Authentication: The Ultimate Anti-Phishing Solution\",\"datePublished\":\"2020-10-14T18:55:30+00:00\",\"dateModified\":\"2021-02-11T08:13:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/\"},\"wordCount\":2279,\"publisher\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/Email_Security2.jpg\",\"keywords\":[\"anti-phishing\",\"DKIM\",\"DMARC\",\"email authentication\",\"SPF\"],\"articleSection\":[\"Email Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/\",\"url\":\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/\",\"name\":\"Email Authentication: The Ultimate Anti-Phishing Solution &#187; The MailSafi Blog\",\"isPartOf\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/Email_Security2.jpg\",\"datePublished\":\"2020-10-14T18:55:30+00:00\",\"dateModified\":\"2021-02-11T08:13:37+00:00\",\"description\":\"The process of email authentication is like showing your identification card at the entrance of a building. It confirms you are who you say you are. In a world where cybercriminals can easily alter email addresses, email authentication is a necessary tool that weeds out fraudulent messages.\",\"breadcrumb\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#primaryimage\",\"url\":\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/Email_Security2.jpg\",\"contentUrl\":\"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/Email_Security2.jpg\",\"width\":1000,\"height\":662,\"caption\":\"emails that failed email authentication\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/mailsafi.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Email Authentication: The Ultimate Anti-Phishing Solution\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/mailsafi.com\/blog\/#website\",\"url\":\"https:\/\/mailsafi.com\/blog\/\",\"name\":\"The MailSafi Blog\",\"description\":\"We Stop Spam\",\"publisher\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/mailsafi.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/mailsafi.com\/blog\/#organization\",\"name\":\"Message Labs Africa\",\"url\":\"https:\/\/mailsafi.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/mailsafi.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Message Labs Africa\"},\"image\":{\"@id\":\"https:\/\/mailsafi.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/msgafricaltd\/\",\"https:\/\/x.com\/msgafricaltd\",\"https:\/\/www.linkedin.com\/feed\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/mailsafi.com\/blog\/#\/schema\/person\/d2ec682ba327149927593938af3f9d14\",\"name\":\"the_leaders\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/mailsafi.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/7ca448387530cb3177261ca8cd87ff2a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/7ca448387530cb3177261ca8cd87ff2a?s=96&d=mm&r=g\",\"caption\":\"the_leaders\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Email Authentication: The Ultimate Anti-Phishing Solution &#187; The MailSafi Blog","description":"The process of email authentication is like showing your identification card at the entrance of a building. It confirms you are who you say you are. In a world where cybercriminals can easily alter email addresses, email authentication is a necessary tool that weeds out fraudulent messages.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/","og_locale":"en_US","og_type":"article","og_title":"Email Authentication: The Ultimate Anti-Phishing Solution &#187; The MailSafi Blog","og_description":"The process of email authentication is like showing your identification card at the entrance of a building. It confirms you are who you say you are. In a world where cybercriminals can easily alter email addresses, email authentication is a necessary tool that weeds out fraudulent messages.","og_url":"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/","og_site_name":"The MailSafi Blog","article_publisher":"https:\/\/www.facebook.com\/msgafricaltd\/","article_published_time":"2020-10-14T18:55:30+00:00","article_modified_time":"2021-02-11T08:13:37+00:00","og_image":[{"width":1000,"height":662,"url":"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/Email_Security2.jpg","type":"image\/jpeg"}],"author":"the_leaders","twitter_card":"summary_large_image","twitter_creator":"@msgafricaltd","twitter_site":"@msgafricaltd","twitter_misc":{"Written by":"the_leaders","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#article","isPartOf":{"@id":"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/"},"author":{"name":"the_leaders","@id":"https:\/\/mailsafi.com\/blog\/#\/schema\/person\/d2ec682ba327149927593938af3f9d14"},"headline":"Email Authentication: The Ultimate Anti-Phishing Solution","datePublished":"2020-10-14T18:55:30+00:00","dateModified":"2021-02-11T08:13:37+00:00","mainEntityOfPage":{"@id":"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/"},"wordCount":2279,"publisher":{"@id":"https:\/\/mailsafi.com\/blog\/#organization"},"image":{"@id":"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#primaryimage"},"thumbnailUrl":"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/Email_Security2.jpg","keywords":["anti-phishing","DKIM","DMARC","email authentication","SPF"],"articleSection":["Email Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/","url":"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/","name":"Email Authentication: The Ultimate Anti-Phishing Solution &#187; The MailSafi Blog","isPartOf":{"@id":"https:\/\/mailsafi.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#primaryimage"},"image":{"@id":"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#primaryimage"},"thumbnailUrl":"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/Email_Security2.jpg","datePublished":"2020-10-14T18:55:30+00:00","dateModified":"2021-02-11T08:13:37+00:00","description":"The process of email authentication is like showing your identification card at the entrance of a building. It confirms you are who you say you are. In a world where cybercriminals can easily alter email addresses, email authentication is a necessary tool that weeds out fraudulent messages.","breadcrumb":{"@id":"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#primaryimage","url":"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/Email_Security2.jpg","contentUrl":"https:\/\/mailsafi.com\/blog\/wp-content\/uploads\/2020\/10\/Email_Security2.jpg","width":1000,"height":662,"caption":"emails that failed email authentication"},{"@type":"BreadcrumbList","@id":"https:\/\/mailsafi.com\/blog\/email-authentication-the-anti-phishing-solution\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mailsafi.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Email Authentication: The Ultimate Anti-Phishing Solution"}]},{"@type":"WebSite","@id":"https:\/\/mailsafi.com\/blog\/#website","url":"https:\/\/mailsafi.com\/blog\/","name":"The MailSafi Blog","description":"We Stop Spam","publisher":{"@id":"https:\/\/mailsafi.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mailsafi.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mailsafi.com\/blog\/#organization","name":"Message Labs Africa","url":"https:\/\/mailsafi.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mailsafi.com\/blog\/#\/schema\/logo\/image\/","url":"","contentUrl":"","caption":"Message Labs Africa"},"image":{"@id":"https:\/\/mailsafi.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/msgafricaltd\/","https:\/\/x.com\/msgafricaltd","https:\/\/www.linkedin.com\/feed\/"]},{"@type":"Person","@id":"https:\/\/mailsafi.com\/blog\/#\/schema\/person\/d2ec682ba327149927593938af3f9d14","name":"the_leaders","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mailsafi.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/7ca448387530cb3177261ca8cd87ff2a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7ca448387530cb3177261ca8cd87ff2a?s=96&d=mm&r=g","caption":"the_leaders"}}]}},"post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/posts\/1983"}],"collection":[{"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/comments?post=1983"}],"version-history":[{"count":11,"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/posts\/1983\/revisions"}],"predecessor-version":[{"id":2828,"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/posts\/1983\/revisions\/2828"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/media\/1920"}],"wp:attachment":[{"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/media?parent=1983"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/categories?post=1983"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mailsafi.com\/blog\/wp-json\/wp\/v2\/tags?post=1983"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}