Overview
Temple University uses email authentication standards including Sender Policy Framework (SPF) , DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting and Conformance (DMARC) to protect our domain from abuse such as phishing and spoofing. This page explains how these standards work, why they matter, and how you can ensure your messages are delivered reliably.
What is Email Authentication?
Email authentication is a set of techniques that help receiving mail systems verify that messages come from legitimate sources and haven’t been altered. The core technologies we use are:
- Sender Policy Framework (SPF): Validates that email is sent from authorized servers.
- DomainKeys Identified Mail (DKIM): Cryptographically signs email to prove its origin.
- Domain-based Message Authentication, Reporting, and Conformance (DMARC): Tells mail receivers what to do if SPF/DKIM checks fail and provides reporting back to Temple’s Cloud Operations Group.
Temple is implementing a DMARC policy that instructs receiving mail systems how to handle unauthorized messages sent using @temple.edu and @subdomain.temple.edu addresses. This policy helps protect our community from impersonation-based attacks and improves the overall security of email communications.
Current DMARC policies are published in DNS and may be set to none, quarantine, or reject depending on the sending domain/subdomain. This policy is regularly monitored and updated as needed to balance deliverability and security.
Frequently Asked Questions
What is DMARC?
DMARC stands for Domain-based Message Authentication, Reporting, and Conformance. It builds on SPF and DKIM to help receiving mail systems decide what to do with messages that appear to come from your domain but fail authentication checks.
Why does Temple use DMARC?
DMARC helps prevent unauthorized users from sending email that appears to come from temple.edu or subdomain.temple.edu addresses. It reduces phishing, spoofing, and other fraudulent email that could harm our community.
Will DMARC affect legitimate mail I send?
Legitimate mail sent through authorized Temple email systems will pass DMARC authentication. If you use an external service (e.g., third-party newsletter or automated systems), ensure it is configured to send on behalf of the @subdomain.temple.edu correctly (SPF/DKIM).
What should I do if my email is rejected?
If your message is rejected or marked as spam incorrectly, contact the Temple University Technical Support Services Team. Provide email message headers if possible so we can investigate the authentication failure.
How do I configure SPF/DKIM for third-party services?
For services that send email on your behalf (e.g., newsletters, CRMs), work with your vendor and Temple’s Cloud Operations Group to publish the correct SPF and DKIM records in DNS to align with your Temple subdomain.
Reporting and Monitoring
Temple University’s Cloud Operations Group regularly reviews DMARC reports to identify unauthorized use of the @temple.edu and subdomain.temple.edu domains. If you receive DMARC feedback and are unsure what it means, click the Request Help button on the right side of this article.