Email may appear safe to everyone using it; however, without specific safety measures, data and messages are defenseless against spoofing, phishing, and other techniques.
To address these issues and establish email authenticity, standards such as SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are embedded in our mail platform; they help detect messages that do not actually originate from the internet domain they claim to have been sent from.
SPF is an email authentication protocol that allows the owner of a domain to specify which mail servers they use to send mail from that domain.
The SPF record lists which IP addresses are authorized to send email on behalf of the domain. During an SPF check, email providers verify the SPF record by looking up in DNS the domain name listed in the "envelope from" address.
If the IP address sending email on behalf of the "envelope from" domain isn’t listed in that SPF record, the message fails SPF authentication.
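The SPF check described above, as an added example (not code from the mail platform itself). It evaluates only the `ip4`, `ip6`, `include` and `all` mechanisms; the `SAMPLE_TXT` dictionary, the `example.com` domains and the function names are assumptions standing in for real DNS lookups.

```python
import ipaddress

# Constructed stand-in for DNS TXT lookups: placeholder domains and
# documentation IP ranges, not real sender data.
SAMPLE_TXT = {
    "example.com": ["v=spf1 ip4:192.0.2.0/24 include:_spf.example.net -all"],
    "_spf.example.net": ["v=spf1 ip4:198.51.100.17 ip6:2001:db8::/32 ~all"],
}
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_host(ip, domain, txt=SAMPLE_TXT, depth=0):
    """Evaluate the ip4, ip6, include and all mechanisms of one SPF record."""
    if depth > 10:  # guard against include loops
        return "permerror"
    records = [r for r in txt.get(domain, [])
               if r.lower().split()[:1] == ["v=spf1"]]
    if not records:
        return "none"  # the domain publishes no SPF policy
    if len(records) > 1:
        return "permerror"  # more than one SPF record is an error
    addr = ipaddress.ip_address(ip)
    for term in records[0].split()[1:]:
        qualifier = term[0] if term[0] in RESULTS else "+"
        mech = term[1:] if term[0] in RESULTS else term
        name, _, arg = mech.partition(":")
        name = name.lower()
        if name == "all":  # matches every sender; usually the last term
            return RESULTS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            if addr.version == net.version and addr in net:
                return RESULTS[qualifier]
        elif name == "include":
            nested = check_host(ip, arg, txt, depth + 1)
            if nested == "pass":  # include matches only on a nested pass
                return RESULTS[qualifier]
            if nested in ("none", "permerror"):
                return "permerror"
        else:
            return "permerror"  # term outside this example's scope
    return "neutral"  # no mechanism matched and there was no "all"


def spf_result(sender_ip, envelope_from, txt=SAMPLE_TXT):
    """SPF verdict for the domain in the envelope-from address."""
    domain = envelope_from.rsplit("@", 1)[-1].lower()
    return check_host(sender_ip, domain, txt)
```

A sender inside `192.0.2.0/24` or one of the included ranges gets `pass`; any other address falls through to `-all` and gets `fail`.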
DKIM is a protocol that allows an organization to take responsibility for transmitting a message in a way that can be verified by mailbox providers.
This verification is made possible through cryptographic authentication.
When transmitting a message, the sender signs one or more selected elements of the email message with its private key and sends it to the recipient; on receipt, the receiving email provider sees that the email carries a DKIM signature and validates it using the public key published in the sender’s DNS record.