Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/central/customer/help/en-us/index.html?contextId=Authentication-checks

Authentication checks

Authentication checks verify that an email originates from where it claims to come from. You can set up banners that appear in end users' messages to help them decide whether messages are genuine.

Authentication checks are always performed. In the Email Security policy, customers can only turn on or turn off the failure action.

Message Authentication

Message Authentication uses DMARC, SPF, and DKIM. The DMARC check depends on the SPF and DKIM checks. DMARC can only be evaluated if the sender has a valid DMARC record in DNS and supports SPF or DKIM checking. You can select actions to take if messages fail each check.

See Message Authentication.

Sender check

Sender check uses Header anomaly and Domain anomaly. Header anomaly detects messages sent from your domain but originating from an external domain. Domain anomaly detects messages sent from a domain without an MX record or an A record.

See Sender check.

End-user message settings

When you turn on End-user message settings, a banner is displayed at the top of inbound HTML email messages to show whether the email is trusted. You can customize the banners and choose the action your users can take when receiving messages.

See End-user message settings.