Email Authentication Mechanisms: DMARC, SPF and DKIM

Published: February 16, 2017

Author(s)

J. S. Nightingale

Abstract

In recent years the IETF has been making a range of efforts to secure the email infrastructure and its use. Infrastructure protection includes source authentication by RFC 7208 Sender Policy Framework (SPF), message integrity authentication by RFC 6376 Domain Keys Identified Mail (DKIM), and domain owner feedback on the effectiveness of these methods by RFC 7489 Domain- based Message Authentication, Reporting and Conformance (DMARC). The High Assurance Domains (HAD) secure email project at NIST has been supporting the development of these initiatives by developing and deploying test infrastructure. This report describes our cumulative experiences with a test system for DMARC and its related protocols.
Citation: Technical Note (NIST TN) - 1945
Report Number:
1945
NIST Pub Series: Technical Note (NIST TN)
Pub Type: NIST Pubs

Keywords

DMARC, DKIM, SPF, DNS, email, SMTP
Created February 16, 2017, Updated November 10, 2018