1. A DNS TXT record published by the domain owner listing all servers authorized to send email on behalf of the domain; checked by receiving servers against the sending server’s IP address
2. A mechanism where the sending mail server signs outgoing messages with a private key and publishes the corresponding public key in a DNS TXT record for receiving servers to verify
3. An extension of the two other email authentication technologies that specifies the disposal policy (none/quarantine/reject) for failing messages and sends compliance reports to the domain owner
4. The organizational device that acts as the gatekeeper for inbound email, evaluating messages before they reach end users and applying filtering, scanning, and authentication checks