Email spoofing is commonly used in phishing emails and other malware propagation. Thus, by authenticating that an email is actually from the address it claims to be from, a substantial number of these malicious or undesirable emails may be filtered. For example, Domain-Based Message Authentication, Reporting & Conformance (DMARC) is an industry standard that aligns (or matches) an organization domain address with either the domain which passes Sender Policy Framework (SPF), or the domain in the “d=” field of the DomainKeys Identified Mail (DKIM) signature which passes DKIM. A DMARC selector pass may allow a third party to sign a DKIM signature on behalf of a sender, and a receiver then uses the domain in the “d=” field and the selector in the “s=” field of the DKIM signature to produce a DMARC pass. Even though the domains may not align per the DMARC specification, the verifier may have enough information to infer a relationship between the DKIM signature and the domain in the “From” address and therefore pass DMARC. A failure to align may not fail DMARC, however.
However, DMARC-based authentication requires a domain to publish DMARC records, set up SPF records, and set up DKIM records. This may be too complicated for some senders because many small and medium businesses (and even large businesses) may not be comfortable setting up DNS records, and many may not even be aware of them.