An intro to SPF, DKIM, and the need for email authentication

 
 
Ever since the dawn of spam, ISPs have been trying to protect their users from unsolicited and malicious emails. The methods and techniques have evolved over the years, but one of the main tools that are still used today is email authentication.
 

What is email authentication?   

Simply put, email authentication is a way for senders to establish who is authorized to send emails on their behalf, and from what domains and IP addresses. ISPs place a lot of weight on email authentication in their overall filtering protocols, as it provides a powerful way to separate unauthorized spam sources from legitimate mailers.  
 

What email authentication methods do ISPs use?  

The two main email authentication methods currently being used by ISPs are SPF and DKIM.  SPF stands for Spender Policy Framework, and it authenticates the mailing IP addresses with the sender (i.e., the carrier of the message). DKIM stands for DomainKeys Identified Mail, and it authenticates the email domain being used with the sender of the message.
 

What happens if you don’t use SPF and/or DKIM?   

If you’re not authenticating your emails with SPF, your messages will get blocked straight away. If you’re not using DKIM authentication, your messages will be flagged and redirected to the junk folder without any other consideration.  Authenticating your email with both methods will improve the chances that your messages to be accepted by ISPs and reach the intended recipients.  Both of these authentication methods have become industry standards that cannot be avoided by legitimate mailers. In fact, essential deliverability tools provided by ISPs like feedback loops and whitelist programs are only available to senders who authenticate their email.
If you’re not sure whether your email is being authenticated, you should verify it right away with your IT team or email provider. The good news is that most major ESPS will automatically set up email authentication (both SPF and DKIM) during the on-boarding and IP provisioning process.  That’s because they understand the significance of having authentication in place before their clients sent out their first campaign.
Once you have SPF and DKIM in place, you can focus on what matters most – sending messages that your consumers want to receive in the first place.