Email Guides
Email looks simple from a user's perspective — type a message, hit send, arrive. Under the hood, every message passes through DNS lookups, authentication checks, multiple servers, and reputation systems before reaching an inbox. These guides explain how each piece works, why messages sometimes fail to arrive, and how to debug delivery problems from first principles.
Where to start
If you administer a domain that sends email — even just transactional notifications from an app or a small business newsletter — you need to understand three authentication standards: SPF, DKIM, and DMARC. Without all three configured correctly, your messages will land in spam folders, be rejected outright, or worse, allow attackers to spoof your domain in phishing campaigns.
If you are troubleshooting why a specific message did not arrive, start with email headers — the chain of Received lines tells you exactly where the message went and what each server did with it.
Authentication standards
Modern email security depends on three interlocking DNS-based standards. Each does one job; together they prove a message is genuinely from the domain it claims to be from.
Authentication
SPF, DKIM, DMARC: How They Work Together
Overview of all three email authentication standards and why you need every one.
How SPF Works
Sender Policy Framework explained — syntax, the 10-lookup limit, and debugging.
How DKIM Works
DomainKeys Identified Mail explained — signing, selectors, and key rotation.
How DMARC Works
DMARC policy, alignment, aggregate reports, and rollout strategy.
Infrastructure & Debugging
What is an MX Record?
MX records, priority values, multiple mailservers, and DNS resolution order.
DNS Records for Email
The complete checklist — MX, SPF, DKIM, DMARC, MTA-STS, TLS-RPT, BIMI, PTR.
Why Emails Go to Spam
The full deliverability checklist — authentication, reputation, content, and list hygiene.
Email Headers Explained
How to read raw headers, follow the Received chain, and diagnose delivery problems.
Envelope-From vs Header-From
The two From addresses in every email and why both matter.
SMTP Bounce Codes
4xx vs 5xx, enhanced status codes, and parsing bounce messages.
Transport & Encryption
STARTTLS and MTA-STS
SMTP encryption between servers — opportunistic and strict.
SMTP Submission Ports
Port 25 vs 465 vs 587 — what each is for.
SMTP Relay vs Direct
Smarthost vs direct delivery — tradeoffs for production senders.
Reverse DNS and Email
Why mail-sending IPs need PTR records and how FCrDNS works.