The Three Pillars Behind Email Security and Why They’re Important

contact us, contact, call-4193637.jpg

When it comes to email security, it’s much more than just buying a domain, an email service through Microsoft 365, Google Workspace or other providers as these typically don’t give you the tools or guidance needed to setup proper email security. Typically, their instructions give you just enough to get email working and that’s kind of it.

Most businesses don’t know their security posture, which isn’t really their fault as they trust the email provider to give them instructions on what is going to protect them. Email security, like most things involving security of any kind can cause email delivery issues, which a lot of email providers don’t want to have to support. Thats where an IT Service Provider or internal IT takes over to ensure that email is both secure as well as deliverable.

We’re going to highlight some key points of email security as it relates to the small business.


SPF, DKIM, & DMARC are critical security features that play important roles in ensuring the authenticity, integrity, and confidentiality of email communication and domain management. If not properly configured, these features can leave a company vulnerable to various cyber threats and attacks.

These acronyms may sound daunting, but we’re going to go over what they mean and how they protect both you and your clients.

SPF (Not Sunscreen)

SPF stands for Sender Policy Framework, and without getting too in-depth with geek-speak, it basically tells other email servers who is allowed to send emails with your domain name,

Think of an SPF record like being your Driver’s License or ID. Say you have a twin, someone that looks like you, sounds like you, but isn’t really you. They decided to go to the bank to withdraw money from your account. Well, the bank teller (receiving email server) would check their ID (SPF) to validate whether or not it’s you.

This is how SPF works relating to emails. It just validates a server to make sure they are who they say they are. Without this in place, anyone in the world could pose as you and withdraw that money.


DKIM stands for DomainKeys Identified Mail.
DKIM is an email authentication method that helps prevent email spoofing and phishing by allowing a sender to digitally sign their emails. When an email is sent, the sender’s domain generates a digital signature that is included in the email header. The recipient’s email server can then use this signature to verify that the email indeed came from the claimed domain and that it hasn’t been tampered with during transit.

Think of it like a wax seal on an envelope that ensures that the contents of the letter have not been tampered with. If you were to send a letter, but the recipient found it already opened, they would be suspicious of who opened it, why they opened it, and what they did with it.


DMARC stands for (and its a long one) Domain-based Message Authentication, Reporting and Conformance.

DMARC is a policy framework that builds upon SPF (Sender Policy Framework) and DKIM. It allows domain owners to specify how emails that claim to come from their domain should be handled if they fail SPF or DKIM checks. DMARC also enables domain owners to receive reports on email authentication results.

So, in layman’s terms SPF validates your identity. DKIM validates that your message hasn’t been tampered with, so what does DMARC do exactly?

If the email doesn’t come from you, or it appears to have been tampered with, the DMARC policy states whether to either do nothing, quarantine the email (send to junk), or reject the email all together.

DMARC also reports back who is trying to impersonate your email address. Kind of like if you have a credit monitoring service watching for your SSN being used for credit applications.

email, mail, hand-6370595.jpg

What Could Happen If They’re Not In Place?

Without all three of these pillars being in place, you’re leaving both your business as well as your clients susceptible to cyber-attacks. We’re going to list some of the types of attacks that could occur:


I think that most of us have heard the term and we’re not referring to a quiet afternoon at the lake.

Phishing attacks are some of the most common types of attacks both consumers and businesses face. The email baits you in acting as an important email from a colleague, client, or vendor; Telling you that you must do something now in order to keep something bad from happening.

Without SPF, DKIM & DMARC in place attackers can send emails that appear to be from a legitimate source, tricking recipients into disclosing sensitive information or downloading malware.

Domain/Brand Reputation

A businesses reputation is their lifeline. Without protections in place like DMARC, cybercriminals have the ability to impersonate the company’s domain, leading to reputation damage and loss of customer trust.

It could even land the business on a spam block list, which could keep even legitimate emails from working properly.

All three features contribute to maintaining the company’s online reputation. A security breach resulting from inadequate configuration can tarnish the brand’s image and credibility.

Data Breaches

Compromised email authentication and domain security can lead to data breaches, financial losses, and legal liabilities.

These pillars help protect both you and your clients from malicious emails that are trying to obtain credentials to compromise email and computer accounts.

How To Protect Yourself & Your Clients?

To mitigate these risks, companies should prioritize the proper configuration and maintenance of SPF, DKIM, & DMARC Regular monitoring, updates, and adherence to best practices are essential to ensure the security and authenticity of digital communication and online presence.

If you have internal IT or an MSP, these should already be in place. Unfortunately, most of the time they are not in place, or they are only halfway setup.

At SOS Technologies, we’re proactive when it comes to security. We will do a free domain check to see what security measures are in place for your domain. All the information that we check is publicly accessible to anyone on the internet, so we don’t need any special privileges or passwords to check. Most of the time, this takes just a few minutes to get an understand of your security posture.

Service is our main goal, not pushy sales tactics or selling you something you don’t need. There is no obligation and absolutely no cost.

Fill out the contact form below or give us a call at 918-888-4SOS (4767).