Email Authentication: SPF, DKIM and DMARC Explained

Table of Contents

Email marketing is one of the most effective ways to communicate with leads and convert them. That is, if your emails reach their intended recipients. Which is why it is important your emails are optimised for deliverability.

The internet is full of spam, as a result service providers adopt various methods of catching out spam and blacklisting accounts that engage in it.

That’s great right?

Not always, sometimes genuine emails can end up in the spam folder or senders getting blacklisted.

One way of avoiding the blacklist and improving deliverability is configuring your SPF, DKIM and DMARC protocols. In this post we will explain what they are and what they do.

What is SPF, DKIM and DMARC?


Sender Policy Framework (SPF) is an email authentication policy. You can register IP addresses that are authorised to send emails from your domain and should be trusted.

When emails are sent out they go through an authentication process before they reach your inbox. By adding your Mail Server IP, your deliverability will improve as emails coming from this address can be verified against your domain.


A Domain Keys Identified Mail is another method of email authentication. This method adds an encrypted digital signature to your email which is used to verify that the email has indeed been sent by an owner of the domain.

Setting this up correctly helps verify the emails message and body, and that attachments have not been modified. This is also true for messages that are being forwarded.


Domain-based Message Authentication, Reporting and Conformance allows you to decide how emails that do not pass SPF and DKIM checks should be treated. It also enables you to keep track of instances when someone tries to impersonate your domain.

By configuring your DMARC policy you can choose if you want unauthorised mail to go into spam, be rejected or ignored by the recipient’s inbox. 

The main benefit of this is that you are protecting your brand reputation, which can be affected by scammers spoofing recipients using your domain. This can then negatively impact your deliverability.

On top of that it allows you to monitor who is sending emails from your domain, giving you greater insight into how your domain is being used.

You can check if you’ve correctly configured everything using the NCSC Email security check.


Email authentication is an important part of email delivery. Emails that cannot be authenticated will end up in spam folders or rejected entirely. This can lead to your domain being blacklisted for spam.

Configuring SPF, DKIM and DMARC protocols ensures recipients can confirm your email comes from a trusted domain. It also helps tackle spoofing, so that no unauthorised 3rd parties can send emails pretending to be from your domain.

Get In Touch

Subscribe to our newsletter

Receive the latest news and offers

Subscribe To Our Newsletter