Who Is Email Security For?
Email has a security stack. SPF, DKIM, DMARC, BIMI, spam filtering – decades of standards work and infrastructure investment. Ask one question of each layer and a pattern emerges that I think explains a lot about the state of email today:
Who is this layer designed to protect?
Authentication protects brands
SPF verifies that a mail server is authorized to send for a domain. DKIM cryptographically signs messages so tampering is detectable. DMARC ties the two to the visible From address and lets domain owners publish a policy for failures.