Understanding Email Authentication: SPF, DKIM, DMARC & BIMI
Know more on Batch default setup for SPF, DKIM, DMARC, MX and BIMI.
About Email Authentication
Email authentication is the first aspect senders should consider when they start sending emails. Email authentication is required by mailbox providers, and crucial for verifying sender identity and minimizing email spoofing risks.
When sending emails, ensure you have correctly implemented the following technical measures:
Sender Policy Framework (SPF)
DomainKeys Identified Mail (DKIM)
Domain-based Message Authentication, Reporting, and Conformance (DMARC)
While this is not related to email authentication, we also recommend implementing:
MX records, to specify the servers responsible for receiving email
Brand Indicators for Message Identification (BIMI)
Sender Policy Framework (SPF)
SPF is used for sending IP validation. SPF is designed to stop spammers from sending emails that falsely appear to come from your domain.
To implement SPF, you need to create and publish an SPF record for your domain, listing all authorized email servers.

DomainKeys Identified Mail (DKIM)
DKIM enables inbox providers to verify the email is authentic and hasn't been modified during the delivery.
DKIM is an email authentication method that helps protect against email spoofing and phishing attacks. It allows an organization to verify the authenticity of an email message, enabling recipients to confirm that the message was indeed sent by the domain owner.

Domain-based Message Authentication, Reporting, and Conformance (DMARC)
DMARC helps prevent email spoofing and phishing by allowing domain owners to set policies that dictate how receiving servers should manage emails that fail SPF or DKIM checks, such as quarantining or rejecting them.
Additionally, DMARC provides domain owners with reports on email delivery and authentication, aiding in the monitoring and enhancement of email security.

Optional Setup
→ Specify the Servers Responsible for Receiving Email
Some inbox providers may require the presence of a Mail Exchange (MX) record to accept emails. An MX record is a type of DNS record that specifies the mail servers responsible for receiving email messages on behalf of a domain.

You can use the MX records Batch implementation team provides by default as part of the onboarding process, or use your own if you want to process the responses in a specific tool you are already using (e.g., a ticketing tool, etc.).
→ Brand Indicators for Message Identification (BIMI)
Brand Indicators for Message Identification (BIMI) is an email specification that allows authenticated senders to display their logos within supporting email clients, improving brand recognition.

BIMI adds value for brands that want to stand out in the recipient's inbox or that are more likely to be targeted by phishing campaigns (e.g., finance, insurance, etc.). Note that BIMI implementation is optional and not all email providers currently support it.
Last updated
Was this helpful?