authenticated senders only
This is useful when you only want to receive messages from verified senders.
All emails that do not pass the checks are deleted or bounced.
You need to make sure that the sender’s email address has not been spoofed.
This control can be done putting together SPF and DKIM authentication.
SPF confirms the sender’s address and its relationship with the server that sent out the message.
DKIM ensures that email messages (including attachments) are not modified
after they have been “signed” during sending.
In theory it’s that easy, in practice both SPF and DKIM can refer
to a different domain than the sender’s email address.
We check that SPF authentication and DKIM signature are related to the domain in the from address.
In this way no other than the original sender can authenticate the email. This guarantees its origin.