Sender Policy Framework (SPF) is a simple email-validation system designed to detect email spoofing
by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain
comes from a host authorized by that domain's administrators. The list of authorized sending hosts
for a domain is published in the Domain Name System (DNS) records for that domain in the form of a
specially formatted TXT record. Email spam and phishing often use forged "from" addresses, so
publishing and checking SPF records can be considered anti-spam techniques.
Domain Keys Identified Mail (DKIM) is an email authentication method designed to detect email spoofing.
It allows the receiver to check that an email claimed to have come from a specific domain was indeed authorized
by the owner of that domain. It is intended to prevent forged sender addresses in emails, a technique often used
in phishing and email spam.
Domain-based Message Authentication, Reporting and Conformance (DMARC) is an email-validation system designed
to detect and prevent email spoofing. It is intended to combat certain techniques often used in phishing and email spam,
such as emails with forged sender addresses that appear to originate from legitimate organizations. Specified in RFC 7489,
DMARC counters the illegitimate usage of the exact domain name in the From: field of email message headers.