Email Security 2026-05-05
A Small Business Guide to Email Security: SPF, DKIM, and DMARC
Understanding the three pillars of email authentication.
Email is the most common vector for cyber attacks. The three pillars of email authentication — SPF, DKIM, and DMARC — work together to protect your domain from email spoofing and phishing.
SPF (Sender Policy Framework) SPF specifies which mail servers are authorized to send email on behalf of your domain. Without SPF, anyone can send emails that appear to come from your domain.
DKIM (DomainKeys Identified Mail) DKIM adds a digital signature to outgoing emails. Receiving servers verify this signature to ensure the email was not altered in transit and truly came from your domain.
DMARC (Domain-based Message Authentication, Reporting, and Conformance) DMARC ties SPF and DKIM together with a policy that tells receiving servers what to do with unauthenticated emails: monitor (p=none), quarantine (p=quarantine), or reject (p=reject).
Getting Started
Check your domain's email security configuration using our free SPF, DKIM, and DMARC tools. Even basic configurations provide significant protection against email spoofing.