When creating a website, one will most likely want to send emails from the code. It can be contact request, response to the user or anything else. Many of these emails are better to be signed, as otherwise email clients will show them in a strange (for regular user) or suspicious (for a bit more experience user) way, or send them to spam. For example, Gmail adds a “via” part to From field. So, how would we sign the outgoing emails? 1. SPF SPF is Sender Policy Framework, an open standard specifying a technical method to prevent sender address forgery. You can read about it more here to find out what and why it is, I will focus only on how would you use it. You need to create a DNS TXT record with string, saying whom do you allow to send emails by your name. Here is the syntax; if you want to allow anyone from your domain (works perfect for mails sent from the code, but is not too much secure), you can use the string “v=spf1 +a +mx -all”. To be sure your string is correct, you can use the validator. At the end, you Zonefile will have something like this: @ IN TXT “v=spf1 +a +mx -all” After your DNS had updated, you can check the record from the same validator. However, the best check is in your mail client; for Gmail, validated SPF looks like this: Received-SPF: pass (google.com: domain of mailer@example.com designates *.*.*.* as permitted sender) client-ip=*.*.*.*; Authentication-Results: mx.google.com; spf=pass (google.com: domain of mailer@example.com designates *.*.*.* as permitted sender) 2. DKIM DKIM states for DomainKeys Identified Mail, which attaches a new domain name identifier to a message and uses cryptographic techniques to validate authorization for its presence. The identifier is independent of any other identifier in the message, such in the author’s From: field. More on it here. This one is a bit more complex. You need to generate keys, add one of them to your emails’ header and the second one to you DNS records. There are rather many implementations of DKIM, I use the simplest for me, PHP-DKIM. Here are the steps: 1. Create the keys. For