IronSights

Network & infrastructure

Email authentication

A suite of DNS-based protocols — SPF, DKIM, and DMARC — that allow receiving mail servers to verify that an email genuinely originates from the domain it claims to be from.

Also known as: email security protocols, sender authentication, email domain authentication

In plain English

Email authentication is the collective name for SPF, DKIM, and DMARC working together. Each protocol addresses a different aspect of verifying email legitimacy: SPF specifies which servers may send email for your domain, DKIM proves messages haven't been tampered with, and DMARC tells receiving servers what to do when either check fails — and sends you reports about who is sending email as your domain.

Full definition

Email authentication emerged because SMTP — the protocol that moves email across the internet — was designed in the 1980s with no verification built in. Anyone could claim any sender address. SPF (2006), DKIM (2011), and DMARC (2015) were developed to retrofit authentication onto the existing email infrastructure.

The three protocols are complementary: SPF checks the envelope sender (the server doing the delivering), DKIM checks the message signature (the content), and DMARC checks that both align with the domain shown to the user. A DMARC policy at p=reject only functions effectively when both SPF and DKIM are correctly configured.

The , most enterprise procurement standards, and underwriters now treat email authentication as a baseline security control. IronSights configures all three records as part of every security engagement.
