Email authentication

Email authentication, or validation, is a collection of techniques aimed at providing verifiable information about the origin of email messages by validating the domain ownership of any message transfer agents (MTA) who participated in transferring and possibly modifying a message.

The original base of Internet email, Simple Mail Transfer Protocol (SMTP), has no such feature, so forged sender addresses in emails (a practice known as email spoofing) have been widely used in phishing, email spam, and various types of frauds. To combat this, many competing email authentication proposals have been developed. By 2018^[update] three had been widely adopted – SPF, DKIM and DMARC.^[1]^[2] The results of such validation can be used in automated email filtering, or can assist recipients when selecting an appropriate action.

This article does not cover user authentication of email submission and retrieval.

^ Hang Hu; Peng Peng; Gang Wang (2017). "Towards the Adoption of Anti-spoofing Protocols". arXiv:1711.06654 [cs.CR].
^ kerner, Sean Michael (2 January 2018). "DMARC Email Security Adoption Grows in U.S. Government". eWeek. Retrieved 24 November 2018.

[1] Hang Hu; Peng Peng; Gang Wang (2017). "Towards the Adoption of Anti-spoofing Protocols". arXiv:1711.06654 [cs.CR].

[2] rner, Sean Michael (2 January 2018). "DMARC Email Security Adoption Grows in U.S. Government". eWeek. Retrieved 24 November 2018.

[1]

[2]

Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.

Email authentication

Our website is made possible by displaying online advertisements to our visitors.
Please consider supporting us by disabling your ad blocker.