Email Authentication: What is it and how does it work?

When you send emails,
mailbox providers need to know
if it's really you sending them.

When you send emails, mailbox providers (such as Gmail, Outlook, AOL, Yahoo and companies you may have B2B relationships with) need to identify whether the message is a legitimate email sent from the owner of the domain’s email address or a forged email sent by a spammer or phisher masquerading as you. This includes email sent from third-party applications you might use for your business as well as our ecard delivery platforms.

There are 3 methods that are widely recognized and used to verify the identity of a sender. These are SPF (Sender Policy Framework), DKIM (Domain Keys Identified Mail) and DMARC(Domain-based Message Authentication, Reporting & Conformance ).

The 3 most widely recognized and used methods to verify the identity of a sender are SPF, DKIM and DMARC.

A few big reasons we recommend setting up these email authentication protocols are:

Removes the “via..." header from Gmail and some of the other email clients. This gets removed when you set up DKIM authentication.

Build up your reputation as an email sender on your own domain name. Sending an email without authentication is like handing in an exam without your name on it. You may have aced the exam, but you can’t take credit for it without your name on it. DKIM signs your email as truly from you and will help build your reputation as an email sender.

Tighten up the security on your domain name and guard your email. Email Authentication standards such as DMARC will help protect your domain name from spammers and phishers who may fraudulently be using it to hurt your reputation or scam your customers.

Email authentication is not a magic bullet.

Email authentication alone will not cover-up poor email practices.

Email Authentication will not help senders who do not follow best email practices. On top of implementing proper Email Authentication, to be a good sender, here is a list of things you must also do.

  • Never use rented or purchased lists.
  • Have clear messages during the opt-in process. Customers should know what sort of emails they can expect to receive and how often.
  • Perform frequent list hygiene. Remove recipients from your list who are not engaging with you emails.
  • REMOVE anyone who opts-outs as soon as possible.
  • Ensure you follow the latest legislation for all regions your recipient may reside or operate. Some examples are CANSPAM, CASL and GDPR.

A good sender reputation is what gets you into the inbox.

Remember setting up email authentication like SPF, DKIM and DMARC is not a magic bullet. It’s one aspect of ensuring your domain’s overall sender reputations is, and stays, good. It's a good sender reputation that gets you into the inbox.


Posted: 2021-02-02


TOP