E-Mail Authentication Primer: First in 3-Part Series on E-Mail Authentication
The importance of e-mail authentication has been discussed much lately in the media, in blogs and at industry trade conferences. Before you embark on an e-mail authentication program, though, you'll need to separate fact from fiction. In this three-part series, Knowledge Center contributor Ellen Siegel explains what e-mail authentication is, why e-mail authentication is important, how e-mail authentication works and what exactly you need to do to authenticate your e-mail.Editor's Note: In this first installment of her three-part series on e-mail authentication, Knowledge Center contributor Ellen Siegel shares a comprehensive, high-level overview of e-mail authentication. In Part 2, Ellen delves into the functionality and implementation details of Sender Policy Framework (SPF) and Sender ID authentication. In Part 3, Ellen delves into the functionality and technical details of Domain Keys Identified Mail (DKIM). E-mail authentication allows an organization that sends an e-mail to take responsibility for it; it associates a clear sender identity with each authenticated message that can be validated by the receiver. You can think of the authenticated identity as a driver's license; it provides a reliable indicator of identity. Note that the responsible (authenticated) sender organization may not always be that of the author of the e-mail. Sometimes it may be an e-mail service provider (ESP) or a forwarding entity responsible for the transmission of the message.
This ability to perform identity validation wouldn't be such an issue if e-mail was secure but, unfortunately, e-mail was not designed with security in mind (much like the postal mail service). In order to avoid any incompatibilities that would break existing e-mail deployments, e-mail authentication is designed and implemented as a set of extensions to the existing e-mail. This leaves individual deployments free to upgrade to the new capabilities on their own schedule.