Mail Sender Authentication
Aug 21, 2023
Mail Sender Authentication is designed to provide additional protection for your corporate mail infrastructure against spam and phishing.
Kaspersky Security 8 for Linux Mail Server uses the following Mail Sender Authentication technologies:
- SPF (Sender Policy Framework) authentication.
- DKIM (DomainKeys Identified Mail) authentication.
- DMARC (Domain-based Message Authentication, Reporting and Conformance) authentication.
SPF Mail Sender Authentication – comparing IP addresses of mail senders with the list of possible message sources that has been created by the mail server administrator.
Kaspersky Security 8 for Linux Mail Server receives lists of possible message sources from the DNS server.
Enable SPF authentication if Kaspersky Security 8 for Linux Mail Server receives messages directly from the Internet. Disable SPF authentication if Kaspersky Security 8 for Linux Mail Server receives messages from an intermediate internal server.
DKIM Mail Sender Authentication – verification of the digital signature added to messages.
A digital signature associated with the name of the organization's domain is added to messages. Kaspersky Security 8 for Linux Mail Server verifies this digital signature.
DMARC Mail Sender Authentication – Verification that determines the policy and actions taken on messages based on the results of SPF and DKIM Mail Sender Authentication.
After the message has passed SPF and DKIM authentication, the program verifies that the domain containing the sender's address in the From field of the email message header matches the SPF and DKIM IDs.
To enable SPF, DKIM, and DMARC message authentication, you have to allow Kaspersky Security 8 for Linux Mail Server to connect to the DNS server. If the connection to the DNS server is prohibited, SPF, DKIM, and DMARC Mail Sender Authentication is disabled.
If Kaspersky Security 8 for Linux Mail Server detects violations during SPF, DKIM, or DMARC Mail Sender Authentication, it is considered that SPF, DKIM, or DMARC Mail Sender Authentication has detected authentication violations.