InfoTrust - SPF and DKIM Consulting


Sender Policy Framework (SPF) is a simple email authentication protocol used to validate your email. SPF provides a mechanism for receiving mail exchangers to check that incoming mail from a domain is coming from one which is authorised. Email receivers who validate the authenticity of messages will use SPF to query the DNS records associated with your sending domain to obtain a list of IP addresses you have explicitly authorised as valid sending systems.


DomainKeys Identified Mail (DKIM) defines a standardised way for those who send email to digitally sign. This allows recipients to confirm with a high degree of assurance who the sender of the email really is, and whether or not the message was altered during transit. It complements SPF by providing email senders with a way to digitally sign all outgoing email from their domain. DKIM is one of the two underlying authentication methods incorporated into DMARC.


SPF and DKIM alone aren’t complete solutions to email authentication. With just DKIM and SPF there is no way for a recipient system to know how much reliance they should put on email validation, nor is there any way for email recipients to send feedback to senders. Additionally, domains that are authenticated are buried deep in the message headers and not easily visible to a typical end user.

These limitations have led to the development of DMARC – the only way to truly authenticate emails. InfoTrust is a DMARC solution provider for businesses in Australia. We provide comprehensive cybersecurity services, including secure email ecosystem, endpoint security, cloud access security and more.