Core ConceptsΒΆ

Understanding the fundamentals of email security and how the ReputeAPI works.

OverviewΒΆ

This section covers the core concepts you need to understand to effectively use the ReputeAPI and improve your domain's email security.

Topics CoveredΒΆ

Why Email Security MattersΒΆ

Email is the most common attack vector for phishing, spoofing, and business email compromise (BEC). Proper email security configuration:

βœ… Prevents Spoofing - Stops attackers from impersonating your domain βœ… Builds Trust - Improves email deliverability and sender reputation βœ… Protects Brand - Prevents your domain from being used in phishing attacks βœ… Meets Compliance - Satisfies security and privacy requirements

The Three PillarsΒΆ

Email security is built on three complementary standards:

1. SPF (Sender Policy Framework)ΒΆ

Defines which mail servers are authorized to send email for your domain.

example.com. IN TXT "v=spf1 include:_spf.google.com -all"

2. DKIM (DomainKeys Identified Mail)ΒΆ

Adds cryptographic signatures to emails to verify authenticity and detect tampering.

selector._domainkey.example.com. IN TXT "v=DKIM1; k=rsa; p=MIGfMA..."

3. DMARC (Domain-based Message Authentication)ΒΆ

Tells receiving servers what to do with emails that fail SPF or DKIM checks.

_dmarc.example.com. IN TXT "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"

How They Work TogetherΒΆ

graph LR
    A[Incoming Email] --> B{SPF Check}
    B --> C{DKIM Check}
    C --> D{DMARC Check}
    D -->|Pass| E[Deliver to Inbox]
    D -->|Fail + p=reject| F[Reject Email]
    D -->|Fail + p=quarantine| G[Mark as Spam]
    D -->|Fail + p=none| H[Deliver + Report]
  1. SPF verifies the sending server is authorized
  2. DKIM verifies the email hasn't been modified
  3. DMARC checks alignment and enforces policy

Next StepsΒΆ