Skip to main content
University of California San Francisco Give to UCSF

UCSF IT Technology

Main navigation

  • Status
    • Security Announcements
  • Services
  • How To
  • News & Events
  • About Us
  • Log In
Open Close Search
Open menu
Give to UCSF

Breadcrumb

  1. Home
  2. How To
  3. Email Authentication

This content is viewable by Everyone

Email Authentication

  • Audience: Affiliate, Faculty, Staff, Student, Technical Partner, Volunteer
  • Service Category: Email & Collaboration
  • Owner Team: Email and Office 365
  • Service:
    Email

Email spoofing (creating forged email addresses and content); is widely used in email-based fraud, such as phishing messages, making it necessary to have validated identification of email.

In practice, someone sends a message claiming to be from [email protected]. The goal is to convince the recipient to accept and read the email. The name of the sender may look familiar or the message like a known organization; making it difficult for recipients to determine if they should trust this message.

DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing. The purpose and primary outcome of implementing DMARC is to protect a domain from being used in email compromise attacks, phishing emails, email scams and other cyber threat activities.

Once the DMARC DNS entry is published, receiving email systems can authenticate the incoming email based on the instructions published by the domain owner within the domain name service (DNS) entry. If the email passes the authentication, it will be delivered and can be trusted. If the email fails the check, depending on the instructions held within the DMARC record the email could be delivered, quarantined or rejected.

DomainKeys Identified Mail (DKIM) is an email authentication method designed to detect forged sender addresses in emails (spoofing). By affixing a digital signature to your messages, DKIM allows recipient systems to verify that your messages have been authorized by the email domain owner (UCSF).

Departments prefer sending from an @ucsf.edu email address to help promote acceptance of their email communications as being from the University. These messages may be an application notification or part of a mass email campaign; in both cases the sender wants their message to be identified as from UCSF.

Correctly identifying email communications legitimately sent as "from UCSF (@ucsf.edu)", while blocking email traffic from anyone not authorized to do so, is our task. The added benefit is that this also assists in better delivery of UCSF branded messages to all email services as well as helping protect the reputation of UCSF.

Learn more about DKIM at https://en.wikipedia.org/wiki/DomainKeys_Identified_Mail.

Use-cases

  • Managing Email Sent from a UCSF System or Application

  • Managing External Email Vendors

 

 

Section Menu
Email
  • Email: Mobile
  • Enroll Your Mobile Device in Intune Company Portal
  • Intune Frequently Asked Questions
  • Outlook Mobile for iOS
  • Outlook Mobile for Android
  • Understand Email Accounts
  • Email Best Practices
  • Introduction to Email Security
  • Secure Email
  • Secure Email Recipient Help
  • Email Protection
  • Email Tagging
  • Phish Alarm
  • Configuring your Email Vendor
  • Email Authentication
  • Why Use Outlook's Email Web Client?
  • Mailing Lists
  • Email Online DL Management
  • Email SMTP
  • Outlook for Mac Configuration
  • Outlook for Windows Configuration
  • Office 365: FindTime for Outlook
  • Office 365: Forms for Excel, Outlook, and Teams
  • Installing Add-Ins for Outlook
Home

Footer Col 1

  • Status
  • Services
  • How To
  • News & Events

Footer Col 2

  • About
  • IT Directory
  • Standards & Guidelines

Footer Col 3

  • Get Help
  • Recognize IT Staff
  • Submit a Support Inquiry

    For emergencies and high priority issues please call the IT Service Desk (415) 514-4100

    • Facebook
    • Twitter
    • YouTube
    • Instagram

    © 2022 The Regents of the University of California