Email Authentication 101: What Do You Need To Know?

One of your primary goals is to ensure that your messages are getting to your target audience. One of the best ways to accomplish that is to comply with ISPs requirements by authenticating your email messages.

What is Email Authentication? Email authentication verifies the identity of the email senders and confirms that the email message is sent from the source that is stated as the sender of the message.

How is this information used by ISPs? Validating the identity of the email sender is important for ISPs to fight fraud and forgery. Email authentication simplifies and automates the process for ISPs to verify the identity of the email senders so they can eliminate fraud. If the email messages are not authenticated then ISPs are likely to reject these messages if they suspect spoofing or phishing.

What methods are used to authenticate email messages?

There are two methods of authentication:

  1. Sender ID and SPF
  2. Domain Keys and DKIM

Sender ID and SPF are IP based authentication methods. With this methodology, the sender specifies which IPs are permitted to send from a particular domain name. When an email sender requests a connection from the ISP, the ISP uses this methodology to verify that the IP address of the server that is deploying the messages has permission to send emails from the domain name that displays as the sender of the message.

Domain Keys and DKIM is a cryptographic based authentication. With this methodology, the sender of the message adds a digital signature (a key) in the header of the message that can only be verified by the ISPs. The ISPs look at the sending domain name and digital signature, and performs a DNS look-up to verify that the digital signature is authentic.

Do I need to authenticate my email messages? Yes. If your messages are not authenticated then ISPs are likely to block connections so you should always authenticate your messages. Some ISPs use Sender ID/SPF and others use Domain Keys/DKIM so it is important to authenticate your messages with both standards.

If I use authentication, does that mean my messages will not be blocked? ISPs use your IP and domain reputation to decide if messages should be accepted or rejected, and if it should be delivered to the inbox or the bulk folder. Authentication helps ISPs determine your identity but it does not improve your reputation. In other words, authentication may or may not improve your deliverability but the absence of authentication will hurt your deliverability even if you maintain a good reputation.

Tags: , ,

One Response to “Email Authentication 101: What Do You Need To Know?”

  1. Martijn Grooten
    May 2, 2011 at 9:28 am #

    “With [DKIM], the sender of the message adds a digital signature (a key) in the header of the message that can only be verified by the ISPs”
    No, it can be verified by everyone (with the right knowledge/software). The thing is that it could only have been _added_ by the owner of the domain.

UA-9835597-1