What is Email Authentication?
Actualisé le août 6, 2018
Today ISP’s are seriously working to rid their networks of spam. Email authentication can help these ISP’s to validate that the email is originating from a legitimate source and the recipient can validate the mail source. So if an email message appears to come from one domain, while actually it is delivered from another, the recipient can verify if the mail source is valid based on additional header information passed in the email. This is a great technique to prevent spoofing and phishing scams.
ISP’s uses different techniques to authenticate the incoming emails, and the three major standards prevailing are
- Sender ID
Sender ID is a Microsoft protocol which validates one of the email’s header fields. It retrieves the Purported Responsible Address (PRA) for the email and then validates that address against the sender. It is used by Hotmail and Windows Live Mail.
- Sender Policy Framework (SPF)
SPF authenticates the envelope HELO and MAIL FROM identities by comparing the sending mail server’s IP address to the list of authorized sending IP addresses published by the sender domain’s owner in a "v=spf1" DNS record. It is used by AOL, Google, Earthlink, Hotmail, and many other providers.
DomainKeys uses cryptographic authentication to validate the domain name that is associated with the message.
For more information on some key concepts/points/topics, kindly refer the given links: