About
By default, the SMTP protocol does not have any authentication mechanism when the email is received.
There may be an authentication when you try to send but not when you receive.
Authentication mechanism
To prevent spoofing and spam, 2 authentication mechanisms have been created:
Fix messages that aren't authenticated
If you get a message that your emails are not authenticated, you should:
- at least implement DKIM (preferred)
- and SPF.
Unauthenticated messages and spam classification
Because spammers can also authenticate emails, authentication by itself isn't enough to guarantee that your messages can be delivered, but Unauthenticated messages are very likely to be rejected or classified as spam.
How to monitor
You can monitor the authentication:
- by receiving DMARC reports if you set an email in your dmarc record
- by checking the Email Provider tools Gmail Postmaster tool.