The Complete Guide to Email Authentication


The objective of this paper is to provide a brief overview and description of the most commonly used email authentication practices and methodologies. It is not exhaustive in nature, and does not cover every aspect of every technology in use today. It does, however, cover the main topics and points of discussion with regard to the mainstream standards used today for authenticating email.

Spam and Other Online Threats

In a recent report released by Cisco Systems, it was revealed that nearly 200 billion spam email messages are sent each day – approximately 90% of worldwide email. Other online threats that were cited include phishing, botnets, social engineering, and reputation hijacking – all used in collaboration with spamming. Because spam and other cyber security issues continue to increase year after year, technology integrators have turned to alternative methods to secure their communications. Email authentication is one such method, along with a wide set of other tools used by email senders and receivers to establish sender reputation.

Email Authentication

Generally defined, email authentication is a multi-method approach to securing email communications using either IP based and/or cryptographic standards. Email senders create a public record that verifies that their sending domain is authorized to send email from a particular IP address or mail server. Receiving ISPs can then use this record to validate the legitimacy of the sender and the messages they are sending. Additionally, ISPs commonly use this validation along with other metrics to determine the reputation of a sender, and ultimately if they will deliver the sender’s messages.

There are currently four different methods or standards that are typically used to authenticate email today: Sender Policy Framework (SPF), Sender ID, DomainKeys, and DomainKeys Identified Mail (DKIM). Each standard authenticates using a different methodology. While a sender can authenticate using all of the standards, an ISP may choose to only verify one or more of them.

Email Spoofing

One of the main benefits to using email authentication is that it dramatically reduces the problem of email forging or spoofing (also known as phishing) – where a user will receive an email that appears to originate from one source, when in reality it was sent from another source. Email spoofing is a classic spammer tactic used to coerce unsuspecting users into disclosing secure or confidential information without their knowledge or authorization.

A classic example of email spoofing that still occurs today are emails purportedly from a bank or financial institution, alerting the user that their account has been compromised and, in order to resolve the situation, they must click the link in the email to log into their account. Both the link, as well as the sender information have been spoofed or forged to look as if the message came from the purported bank.


Exchange Server 2013 Client Access Licenses

Tip of the day

Exchange Server 2013 – Client Access Licenses (CALs)

As with the Server licenses, the Exchange Server 2013 CALs have also been significantly improved from the previous versions of Exchange. The Exchange Enterprise CAL is available in the same two variants as before; Exchange Enterprise CAL without Services and Exchange Enterprise CAL with Services. The following tables provide a detailed feature breakdown for each CAL edition of Exchange Server 2013:

Feature Standard CAL Standard + Enterprise CAL (with and without Services)
E-mail, Calendar, Contacts, and Tasks Yes Yes
Outlook Web App (Internet Explorer, Firefox, and Safari support) Yes Yes
Exchange ActiveSync Mobile Access Yes Yes
Rich Outlook inbox experience, including enhanced Conversation View and Mail Tips Yes Yes
Apps for Outlook and Outlook Web App Yes Yes
Site mailboxes Yes Yes
Role Based Access Control capabilities Yes Yes
Integration of IM, SMS, and RSS Yes Yes
Federated Calendar Sharing Yes Yes
Exchange ActiveSync Mobile Management Policies Standard Advanced
Journaling Per Database Per User/Distribution List
Journal decryption No Yes
Voicemail with Unified Messaging No Yes
Retention Policies Default Custom
Integrated Archive No Yes*
Multi-Mailbox Search Yes Yes
In-Place Hold No Yes
Data Loss Prevention (DLP) No Yes
Outlook PolicyTips with Data Loss Prevention (DLP) No Yes**
Information Protection and Control (IPC): transport protection rules, Outlook protection rules, IRM Search No Yes

* Archive requires Office 2007 Pro Plus, Office 2010 Pro Plus, or Office 2013 Pro Plus Volume Licensing
** Outlook PolicyTips require Office 2013 Pro Plus Volume Licensing

Customers may buy the standard CAL standalone, but those who want to acquire the Enterprise features as listed above must purchase both the standard and the Enterprise CALs.

The Enterprise CAL with Services has all the above features but also has antivirus and anti-spam service subscriptions from Microsoft Forefront Online Protection for Exchange.

Feature Standard CAL Standard + Enterprise CAL (with Services)
Forefront Online Protection for Exchange No Yes


Settings for accessing CCTV Camera from IE Browser

Settings for accessing CCTV Camera from IE Browser

Step 1

  • Open IE
  • Settings
  • Internet options
  • Security tab
  • Local intranet
  • Sites
  • Advance
  • Add (http:// and ip address or url)
  • Uncheck “require server verification (https)
  • Close
  • Ok
  • Ok


Step 2

  • Open IE
  • Settings
  • Internet options
  • Advance tab
  • In security
  • Check “Allow software to run or install even if signature is invalid.
  • Ok
  • Apply

do both the above settings , restart IE then check.