Select your language

SPF, DKIM, and DMARC are different e-mail authentication methods that aim to increase security in e-mail traffic and impede phishing and potential identity theft.

SPF determines which mail servers or IP addresses can send e-mails with a domain. Upon receipt of an e-mail, the recipient’s server accesses the DNS zone of the sender domain. In doing so, it compares whether the sender’s server matches the details in the SPF record. This article discusses SPF in more detail.

DKIM adds a digital signature to e-mails. The recipient’s server can verify this signature with a public key stored in the DNS zone of the sender domain. As a result, the recipient can be sure that the e-mail content is unchanged and that the e-mail originates from a authorized sender. DKIM therefore supplements SPF. This article discusses DKIM in more detail.

When using DMARC, a domain owner can define how e-mails should be handled that come from their domain and do not pass the SPF or DKIM test. A “DMARC policy” defines whether these kinds of e-mails should be rejected, moved to the spam folder, or delivered normally.

Please use this form only to provide feedback on the above guide.
For support requests please use this form instead.


Unable to find what you were looking for?

Our support experts are happy to assist you personally!


© 2001 - Hostpoint AG