Required changes to email systems
Google and Yahoo are changing how emails are authenticated by enforcing protocols that have been around for many years. Other business platforms are soon to follow, requiring these settings in place.
Domain-based Message Authentication, Reporting, and Conformance (DMARC), DomainKeys Identified Mail (DKIM), and Sender Policy Framework (SPF) are email authentication protocols that help prevent email spoofing and phishing attacks. These protocols work together to ensure that email messages are sent from authorized servers and that the sender's identity is verified.
DMARC is an email authentication protocol designed to allow email domain owners to protect their domain from unauthorized use or DMARC builds on the widely deployed SPF and DKIM protocols, adding a reporting function that allows senders and receivers to improve and monitor the protection of the domain from fraudulent email.
DKIM is an email authentication method that allows the receiver to check that an email was indeed sent and authorized by the owner of that domain. This is achieved by affixing a digital signature linked to a domain name to each outgoing email message. The recipient system can verify this by looking up the sender's public key published in the DNS.
SPF is an email authentication protocol that allows the owner of a domain to specify which mail servers they use to send mail from their domain. This is done by adding an SPF record to the domain's DNS zone file. When a mail server receives an email claiming to be from a particular domain, it can check the SPF record to see if the sending server is authorized to send mail on behalf of that domain.
Together, these protocols help to ensure that email messages are sent from authorized servers and that the sender's identity is verified, reducing the likelihood of email spoofing and phishing attacks. Organizations must implement these protocols to protect their email communications and brand reputation.