Email Security | 2026-05-05 | 6 min read
A Small Business Guide to Email Security: SPF, DKIM, and DMARC
Understanding the three pillars of email authentication and how they prevent phishing and spoofing attacks.
Email is the most common vector for cyber attacks. The three pillars of email authentication — SPF, DKIM, and DMARC — work together to protect your domain from email spoofing and phishing.
SPF (Sender Policy Framework)
SPF specifies which mail servers are authorized to send email on behalf of your domain. Without SPF, anyone can send emails that appear to come from your domain.
DKIM (DomainKeys Identified Mail)
DKIM adds a digital signature to outgoing emails. Receiving servers verify this signature to ensure the email was not altered in transit and truly came from your domain.
DMARC (Domain-based Message Authentication, Reporting, and Conformance)
DMARC ties SPF and DKIM together with a policy that tells receiving servers what to do with unauthenticated emails: monitor (p=none), quarantine (p=quarantine), or reject (p=reject).
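As an added example (not code from this guide or its tools), the following Python sketch audits the SPF and DMARC TXT records a domain publishes and reports the weak settings described above. The function names and the example.com records are constructed for illustration, and the records are passed in as strings, so no DNS lookup is performed.

```python
def parse_tags(record):
    """Split a 'tag=value; tag=value' record (DMARC syntax) into a dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags

def audit_spf(txt_records):
    """Return findings for the SPF policy among a domain's TXT records."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["no SPF record: no servers are declared as authorized"]
    if len(spf) > 1:
        return ["multiple SPF records: receivers treat this as an error"]
    terms = spf[0].lower().split()[1:]
    all_terms = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not all_terms:
        # A redirect= modifier hands the decision to another record.
        has_redirect = any(t.startswith("redirect=") for t in terms)
        return [] if has_redirect else ["no 'all' term: unlisted servers get a neutral result"]
    if all_terms[0] in ("all", "+all"):
        return ["'+all' authorizes every server to send for the domain"]
    return []

def audit_dmarc(txt_records):
    """Return findings for the TXT records published at _dmarc.<domain>."""
    dmarc = [r for r in txt_records if parse_tags(r).get("v", "").upper() == "DMARC1"]
    if not dmarc:
        return ["no DMARC record: receivers have no policy to apply"]
    policy = parse_tags(dmarc[0]).get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        return ["missing or invalid p= tag: %r" % policy]
    if policy == "none":
        return ["p=none is monitor-only: no action is requested for failing mail"]
    return []

# Constructed sample records for the placeholder domain example.com
SAMPLE_SPF = ["v=spf1 include:_spf.example.net ip4:192.0.2.10 +all"]
SAMPLE_DMARC = ["v=DMARC1; p=none; rua=mailto:dmarc@example.com"]

if __name__ == "__main__":
    for finding in audit_spf(SAMPLE_SPF) + audit_dmarc(SAMPLE_DMARC):
        print("FINDING:", finding)
```

An empty list from either function means the record passed these checks; DKIM is not covered because its public key lives under a selector name that varies by sender.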
Getting Started
Check your domain's email security configuration using our free SPF, DKIM, and DMARC tools. Even basic configurations provide significant protection against email spoofing.