What would you do if one day you receive a letter from an unknown sender in Zimbabwe? The dust from the long journey is still visible, and the only thing missing is the ticking sound coming from the envelope! Chances are you won’t even open it, let alone trust it. On-line, in our mailbox, it is quite a different story. One click on a button may cause lots of problems. This can be prevented by using email authentication.


There are three kinds of email authentication available which can filter “good and “bad” emails. That is essential. Especially from a corporate perspective, you want to continue to receive all important messages, yet at the same time, you want to protect yourself and your employees against unwanted online mail. The risks are substantial. Varying from stealing your login details to disclosing financial (credit card) details, CEO-fraud and sending Ransomware


The first variant is SPF, which stands for sender Policy Framework. This is a database which contains details from which server emails can be sent with your email address. Just like with mail sent by post, it is also possible to fake the sender with email. Something that is widespread with phishing. SPF helps to prevent your mail address from being misused and prevents other email servers from regarding your mail as spam.


Another essential feature is DKIM which is short for Domain Keys Identified Mail. It is an encryption program for your emails. As soon as you send a message, a code is added to the header of your mail. The mail server of the recipient reads the code and submits a request to the DNS server. It then sends the public key so that the message can be decrypted. At the same time, it is verified whether the code matches the sender. In this way, we can determine that the mail server matches the sender’s “location”.


The last abbreviation in the list is DMARC. DMARC is short for Domain-Based Message Authentication, Reporting and Conformance. It merges SPF and DKIM to become one. It uses both a register and a key. This assures you of the authenticity of an email and the risks of spam are reduced to a minimum. However, DMARC is not yet available on every mail server.


It is important to realize that email authentication is primarily intended to avoid unwanted mail. A hundred percent prevention is not possible. Cyber criminals continuously come up with new methods to infiltrate. However, authentication can reduce the amount of spam considerably and as a result also the risks you run within a company.

Would you like more information about the email authentication we have to offer? Please contact us! You can call +31 20 717 3137, or mail to blogs@utilis-it.com.