SPF, DKIM, and DMARC

Three email authentication standards that prevent spoofing and phishing. SPF (Sender Policy Framework) specifies which servers can send email for a domain via DNS TXT records. DKIM (DomainKeys Identified Mail) adds a cryptographic signature to verify message integrity. DMARC (Domain-based Message Authentication) ties SPF and DKIM together with reporting and policy enforcement. Failures can result in SMTP rejections.