-
MX (Mail Exchange): Determines where your emails should be routed to on the internet. It is the equivalnet of an
A
record where you set the server IP, which in theMX
case it will be the mail server FQDN or IP.- Multiple entries can be added for additional availability.
- Priority is added ot the DNS entries as well.
- Example:
@ MX mailhost1.example.com
-
SPF (Sender Policy Framework) - Receiving server queries DNS and confirms sender's origin.
- Verify the origin of the sender (IP4, IP6, include, MX. Syntax: http://www.open-spf.org/SPF_Record_Syntax).
- DNS entries that tells servers receiving emails which sender servers are allowed to send emails on behalf of a domain.
- Servers that receive emails query the DNS to confirm it came from an authorized sending server or IP address.
- Fail: Reject / Mark as spam
- Accepted: Email goes to inbox.
- Example DNS TXT record:
v=spf1 ip4:192.168.100.11 -all
-
DKIM (Domain Keys Identified Mail): Sender signs message and receiver confirms signature querying DNS.
- Sender signs all outbound messages from a domain with a private key, and the public key is published to the DNS. Receiving servers can compare to see if it matches.
- Security options:
- Manual
- Automated
- Example CNAME:
em.emaildomain.com uxxxxxx.wl.sendgrid.net CNAME s1._domainkey.emaildomain.com s1.domainkey.uxxxxxx.wl.sendgrid.net CNAME s2._domainkey.emaildomain.com s2.domainkey.uxxxxxx.wl.sendgrid.net CNAME
-
DMARC - Combines the SPF and DKIM, with the addition of a DMARC entry.
- DMARC adds reporting capability in the protocol.
- Email receiver flow:
- Checks SPF
- Checks DKIM
- Checks DMARC record
- Option to tell email receivers to report back to you about how your domain is being used.
- Example record:
v=DMARC1;p=reject;pct=100;rua=mailto:postmaster@dmarcdomain.com
- Syntax: https://dmarc.org/overview/
Last active
December 19, 2022 18:58
-
-
Save epomatti/5f47f99bbd20332766a7122b0175877a to your computer and use it in GitHub Desktop.
Email Verification Protocols
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment