Understanding Email Authentication: DKIM, SPF, and DMARC Made Simple
Understanding DKIM, SPF, and DMARC: How They Protect Your Inbox
Fraudulent emails and phishing attacks are on the rise, with some even using AI to create convincing messages that trick you into giving away personal information. To help you stay safe, we’re using email security protocols like DKIM, SPF, and DMARC.
If you see an email whose subject is prefixed with ⚠ DKIM, the sender has not yet set up a way for recipient email servers like ours to validate whether that sender is legitimate. So please use caution with any emails that are tagged this way.
What is DKIM?
DKIM (DomainKeys Identified Mail) ensures that an email was really sent by the domain it claims to come from. Think of it like a digital signature: it verifies the sender and that the message wasn’t tampered with along the way. Emails without DKIM can’t be verified, which makes them riskier.
What is SPF?
SPF (Sender Policy Framework) checks if an email was sent from an approved server for that domain. It’s like verifying someone’s ID before they’re allowed to send emails on behalf of a company.
What is DMARC?
DMARC (Domain-based Message Authentication, Reporting, and Conformance) ties everything together. It lets email providers know what to do with emails that fail DKIM or SPF checks, like marking them as suspicious.
Why the (DKIM Sender Unvalidated) Tag?
Starting October 24th 2024, emails without a DKIM signature will be tagged with (DKIM Sender Unvalidated). This helps you easily spot messages that haven’t been verified. While not every unvalidated email is dangerous, it’s a warning to be cautious, especially with emails asking for personal info or containing links and attachments.
What to Do if You See the Tag:
- Be careful with the email, especially if it’s asking for sensitive info.
- Double-check the sender’s details and think twice before clicking any links.
- Report anything suspicious to support.
- You can also notify the sender so they can ask their email provider to enable DKIM signing on their outgoing emails.
Is the DKIM tag bad or good?
Any email flagged with ⚠ DKIM in the subject means that the sender does not yet use DKIM, which is the only reliable method for us to verify sender identity.
If they have DKIM set up, we can identify whether the sender is unauthorized or whether the email has been tampered with by a man-in-the-middle attack. So ⚠ DKIM is not necessarily bad or good; it means we have no way to validate whether the From address is genuine.
A good example: if your bank does not use DKIM yet and someone spoofs an email from them, the From address would appear to be the bank's, but the message could come from someone trying to get you to click a fraudulent link that leads to a clone of the bank's website. Since AI is getting more sophisticated, more users are being tricked by these types of emails. If the bank uses DKIM, we can identify the message as fraud and move it to your spam folder.
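As an added example that is not part of the original page, the following Python (standard library only) shows the two checks described above: the DKIM body hash (the bh= tag) that detects a tampered message, and the DMARC decision that sends a spoofed, unauthenticated message to the spam folder. The DKIM-Signature header, the bank.example domain and the message body are constructed; the header's b= signature is a placeholder, since verifying it needs the signer's public key from DNS, which this offline example does not fetch.

```python
import base64
import hashlib
import hmac

# Constructed sample body (not from the page); the DKIM header below is built from it.
ORIGINAL_BODY = "Your statement is ready.\nLog in at the usual address.\n"

def simple_body_canonicalize(body: str) -> bytes:
    """DKIM 'simple' body canonicalization (RFC 6376 3.4.3): CRLF line
    endings, with any run of empty lines at the end reduced to one CRLF."""
    text = body.replace("\r\n", "\n").rstrip("\n") + "\n"
    return text.replace("\n", "\r\n").encode()

def body_hash(body: str) -> str:
    """The bh= value: base64 of SHA-256 over the canonicalized body."""
    digest = hashlib.sha256(simple_body_canonicalize(body)).digest()
    return base64.b64encode(digest).decode()

def parse_dkim_tags(header: str) -> dict:
    """Split 'tag=value; tag=value' into a dict (values may contain '=')."""
    tags = {}
    for part in header.split(";"):
        if "=" in part:
            key, value = part.strip().split("=", 1)
            tags[key.strip()] = value.strip()
    return tags

def body_hash_matches(dkim_header: str, body: str) -> bool:
    """Tamper check: bh= must equal the hash of the body that actually arrived.
    The b= signature over the headers is not checked here (no DNS key lookup)."""
    expected = parse_dkim_tags(dkim_header).get("bh", "")
    return hmac.compare_digest(expected, body_hash(body))

def dmarc_disposition(from_domain: str, policy: str, dkim_domain: str,
                      dkim_valid: bool, spf_domain: str, spf_pass: bool) -> str:
    """DMARC with strict alignment (assumption): pass if a valid DKIM signature
    or a passing SPF check uses the From: domain; otherwise apply the p= policy."""
    dkim_aligned = dkim_valid and dkim_domain == from_domain
    spf_aligned = spf_pass and spf_domain == from_domain
    if dkim_aligned or spf_aligned:
        return "pass"
    return {"none": "deliver (report only)", "quarantine": "spam folder",
            "reject": "reject"}[policy]

# Constructed DKIM-Signature header: c=relaxed/simple means the body uses 'simple'.
SAMPLE_DKIM_HEADER = (
    "v=1; a=rsa-sha256; c=relaxed/simple; d=bank.example; s=sel1; "
    "h=from:to:subject; bh=" + body_hash(ORIGINAL_BODY) + "; b=PLACEHOLDER"
)
```

Replacing "usual address" in the body with a link to a cloned site changes the body hash, so the DKIM check fails; a message claiming to be from bank.example that only passes SPF for an unrelated domain is quarantined under p=quarantine.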
This tag is part of our effort to protect you from phishing attempts and AI-generated scams. If you’d like more info, feel free to reach out or check out the related security resources on our site.