Email authentication - Understanding headers

Email authentication is crucial to ensure your emails reach recipients’ inboxes, especially for transactional emails where errors are unacceptable. The main methods of authentication include SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting & Conformance).

To verify these configurations, examine the email headers for specific elements. Understanding these details will help you improve your email deliverability and security.

1. SPF Header

Received-SPF header indicates the result of the SPF check performed by the receiving server, and the Authentication-Results header indicates the result of the SPF check.

2. DKIM Header

The DKIM-Signature header contains the email’s DKIM signature, and the Authentication-Results header indicates the result of the DKIM verification.

3. DMARC Header

The Authentication-Results header indicates the result of the DMARC verification.

4. Authentication-Results Header

In addition to the SPF and DKIM specific headers, the Authentication-Results header provides an overview of the email authentication results.

Authentication-Results: mx.google.com;
 spf=pass (google.com: domain of sender@example.com designates 192.0.2.1 as permitted sender) smtp.mailfrom=sender@example.com;
 dkim=pass header.i=@example.com header.s=selector1 header.b=Gw+yUxcC;
 dmarc=pass (p=NONE) header.from=example.com

If you want to know more, read our article about Email Authentication header