DKIM
3 items
SPF
SPF (Sender Policy Framework) is an email-validation protocol designed to detect email spoofing. It prevents unauthorised use of a domain name in email messages by verifying that an incoming message comes from an IP address authorised by the domain owner. The authorised IPs are published in the domain's SPF record in DNS; if the source IP of a message is not listed, the receiving server can reject or flag the message as potentially fraudulent.
ARC
Authenticated Received Chain (ARC) is an email-authentication protocol that establishes a chain of trust between email domains. It allows receivers to authenticate the original sender of a message even after it has been forwarded multiple times. Each hop in the delivery path appends a set of ARC- headers capturing its own authentication results, and downstream verifiers can evaluate the whole chain to decide whether to trust a message whose SPF or DKIM might otherwise have been invalidated by forwarding.
DMARC
DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email-authentication protocol that allows receivers to determine whether incoming messages are legitimate and were sent from authorised sources. A sending domain publishes a DMARC policy as a DNS TXT record, specifying how receivers should treat messages that fail SPF or DKIM authentication. DMARC also provides a reporting mechanism that lets the sender receive feedback on how their messages are handled, which can be used to detect abuse of the domain.
Reverse IP
Reverse IP verification validates the authenticity of the connecting client's IP address. The server performs a reverse DNS lookup of the remote IP and compares the result against the hostname provided in the EHLO or HELO command. If they do not match, the server can reject the connection to guard against hosts that disguise their origin when sending spam or performing other malicious activity. Reverse-IP verification helps ensure that incoming SMTP connections are legitimate.