How does email authentication work?

There are several different approaches to email authentication, each with its own advantages and disadvantages. Although the specific technical implementation varies from approach to approach, in general, the process works something like this:

1. A business or organisation that sends email establishes a policy that defines the rules by which email from its domain name can be authenticated.
2. The email sender configures its mail servers and other technical infrastructure to implement and publish these rules.
3. A mail server that receives email authenticates the messages it receives by checking details about an incoming email message against the rules defined by the domain owner.
4. The receiving mail server acts upon the results of this authentication to deliver, flag, or even reject the message.

As these steps make clear, for this process to work, the sender and the receiver both must participate. That’s why technical standards for email authentication are so important: they define a common approach to defining the rules for email authentication that any organisation can implement. Bear in mind that email sender authentication provides recipients of a message some level of certainty that the email message actually originated from the represented source. This ultimately generates trust and confidence in recipients, which is why understanding how to authenticate email is crucial to organisations.