**Email authentication**, or validation, is a collection of techniques aimed at providing verifiable information about the origin of email messages by validating the [[Domain]] ownership of any message transfer agents (MTA) who participated in transferring and possibly modifying a message. The original base of Internet email, Simple Mail Transfer Protocol (SMTP), has no such feature, so forged sender addresses in emails (a practice known as email spoofing) have been widely used in phishing, email spam, and various types of frauds. To combat this, many competing email authentication proposals have been developed, but only fairly recently have three been widely adopted – [[Sender Policy Framework (SPF)|SPF]], [[DomainKeys Identified Mail (DKIM)|DKIM]] and [[Domain-based Message Authentication, Reporting and Conformance (DMARC)|DMARC]].^[[Email authentication - Wikipedia](https://en.wikipedia.org/wiki/Email_authentication)]