SPF & DKIM Alignment Defined

SPF and DKIM alignment mean the matching of domains. A DMARC requires validating the authenticity of the sender’s address as the message’s legitimate sender, which is accomplished by authenticating the sender’s DKIM and SPF.

  1. DKIM Alignment: The DomainKeys Identified Mail alignment checks if the root domain of the email used to construct the signature (specified in “d =” argument) is aligned with, i.e., matches the domain in the “From” header.
  2. SPF Alignment: The Sender Policy Framework Alignment checks the alignment, i.e., the matching of the domains specified in the two headers of the email, namely the “From” and “MailFrom / Return Path.”

You can use the “aspf” and “adkim” parameters for SPF and DKIM alignment, respectively, in a DMARC record to stress the severity of the alignment, i.e., relaxed or strict alignment for flexible or absolute matching of the domains. By default, the option is set to “relaxed.”

Configuring SPF and DKIM alignments for authentication adds an extra degree of security to your outbound emails, and pairing SPF and DKIM for authentication is a powerful strategy for preventing malicious emails from reaching the inbox.