Professional Server Colocation Services. Reliable Dedicated Servers. Dependable Windows and Windows Web Hosting Services.
Home   |   Contact

FAQ: What is email authentication?


Here's a question we get often: What is email authentication and what is it used for?

Answer: Legitimate email marketers and Internet eCommerce professionals are continually trying to implement standards for email delivery to help reduce unsolicited bulk emails, spam and so-called phishing emails without impinging on legitimate bulk email campaigns. Email authentication simply means verifying whether a person or computer is who they say they are.

As it pertains to email marketing, authentication specifically attempts to match the sender of the message to the domain that the email message is purportedly coming from. Even in today's advanced email marketing environment, it is relatively easy to spoof unprotected domains. Currently, there are two common types of authentication that are enjoying widespread use: Sender Policy Framework (SPF) and Domain Keys. It's important to note that by default, Avantex Hosting includes both in all its email hosting plans.

1) SPF: Sender Policy Framework is an extension of SMTP (Simple Mail Transfer Protocol). SPF specifically addresses email spoofing, a common spamming practice referring to forging a sender's address. SPF verifies information from the email message’s envelope, focusing on the return-path email address. Like a regular mail envelope, the email message envelope describes who sent the e-mail message, and to whom it is going.

The SPF record on the Domain Name System (DNS) server responsible for a particular Web domain is what determines the status of the email message: pass, fail, softfail, etc. This information is passed to the recipient mail server. The SPF record specifies which email servers are allowed to send email for a particular domain. SPF simply performs a check on one or more of these computers to verify to the recipient mail server their status.

It should be noted that SPF by itself does not prevent spam, but the recipient mail server reads the information in the SPF file and then makes some sort of determination based on the status.

2) DomainKeys: DomainKeys is an authentication system that is independent of SMTP (Simple Mail Transfer Protocol). Email messages are still sent using SMTP, but DomainKeys is not an SMTP extension. Rather, it deals with the email headers that are outside the message envelope. DomainKeys was designed to identify e-mail spoofing and does not prevent abusive behavior. It simply makes it easier to track. Yahoo implemented DomainKeys in 2004 for outbound email, and since 2005 has tracked incoming keys.

To implement DomainKeys, the SMTP server operator specifies a public/private key pair. The public key is located on the DNS server, and the private key is configured on the SMTP server. When sending emails, the SMTP checks in with the DNS, and if verified, adds a DomainKeys signature to the message headers. The receiving server then reads the signature and checks the public key on the DNS server and verifies the signature.

It then uses that information to apply a rule or deliver the e-mail to the final recipient. If there is no match, the message can be ignored, because it is apparently a spoof. While Yahoo will still receive an email that doesn't have a key pair specified, in the future it could reject email messages that are not digitally signed.

Overall, authentication policies are having a limited impact on email marketing today, simply because the standards are still not fully implemented. These standards will have a greater impact on email delivery, however, as more recipient ISP mail servers check for them. During an attempt to authenticate, if you don't have SPF or Domain Keys implemented, your message will most likely still get through with a neutral response.

Eventually, though, a consensus will be reached, and switches will be flipped to tighten up the requirements.

Back to our FAQ section.


Avantex deals mainly with the largest IT firms in the hosting industry.

Home  |   Contact  |   Terms of Use  |   Acceptable Use Policy  |   Privacy Policy  |   Site Map

© Avantex Hosting.             Logos, trade marks and service marks on this site are the property of their respective owners.