
Introducing Email Legitimacy

As email‑based deception becomes more polished and harder to spot, individuals are facing increasingly sophisticated tactics designed to trick them into trusting the wrong messages. When something about an email feels off—but you can’t quite put your finger on why—you now have a clearer way to check your instincts. Email Legitimacy gives you a structured snapshot of the signals that matter so you can make a more informed decision.

This feature is intentionally lightweight. It’s not a full forensic audit tool and it doesn’t replace advanced security reviews or enterprise‑grade threat analysis. Instead, it fills the gap between “this seems strange” and “I need a full investigation.”


What Email Legitimacy Highlights

Email Legitimacy surfaces technical and behavioral indicators that help you understand whether a message behaves like trustworthy email. It focuses on the core authentication signals—SPF, DKIM, DMARC, and ARC—and evaluates how well each one supports the sender’s claimed identity. A simple, color‑coded scoring system summarizes the message’s overall trust profile so you can interpret the results at a glance.

  • SPF checks whether the sending server was authorized to send mail for the envelope sender's domain.

  • DKIM verifies the message's cryptographic signature against the signing domain's published key.

  • DMARC checks that the domain in the visible From: address aligns with the domain authenticated by SPF or DKIM.

  • ARC preserves authentication results when messages pass through forwarders or gateways.


Each signal contributes independently. No single issue automatically marks a message as unsafe; instead, the score reflects a balanced, multi‑factor view similar to how modern email providers assess legitimacy. This approach helps you understand why something feels off, not just whether it passed or failed a single test.
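To show what these signals look like in a raw message, the following added example (not Email Legitimacy's code or its actual scoring) reads the four results from an `Authentication-Results` header and combines them into a color rating. The weights, thresholds, function names, and sample headers are assumptions constructed for illustration.

```python
import re

# Hypothetical weights and thresholds for illustration; not the product's values.
WEIGHTS = {"spf": 20, "dkim": 30, "dmarc": 40, "arc": 10}
PARTIAL = {"neutral", "softfail"}  # inconclusive results earn half credit

# Constructed Authentication-Results header values (RFC 8601 syntax).
SAMPLES = {
    "direct": "mx.example.net; spf=pass (ip 192.0.2.10) smtp.mailfrom=example.com;"
              " dkim=pass header.d=example.com; dmarc=pass header.from=example.com;"
              " arc=none",
    "forwarded": "mx.example.net; spf=softfail smtp.mailfrom=example.com;"
                 " dkim=pass header.d=example.com; dmarc=pass header.from=example.com;"
                 " arc=pass",
    # SPF passes for the envelope domain, but it does not align with From:.
    "misaligned": "mx.example.net; spf=pass smtp.mailfrom=bulk.example.org;"
                  " dkim=none; dmarc=fail header.from=example.com; arc=none",
}

def parse_auth_results(header):
    """Return {method: result} from an Authentication-Results header value."""
    header = re.sub(r"\([^()]*\)", " ", header)   # drop parenthesised comments
    results = {}
    for part in header.split(";")[1:]:            # first field is the authserv-id
        m = re.match(r"\s*([a-z0-9-]+)\s*=\s*([a-z]+)", part, re.I)
        if not m:
            continue
        method, result = m.group(1).lower(), m.group(2).lower()
        if results.get(method) != "pass":         # several dkim= entries: keep a pass
            results[method] = result
    return results

def score(results):
    """Sum per-signal credit; a failed or absent signal contributes nothing."""
    total = 0
    for method, weight in WEIGHTS.items():
        result = results.get(method)
        if result == "pass":
            total += weight
        elif result in PARTIAL:
            total += weight // 2
    return total

def badge(points):
    return "green" if points >= 80 else "yellow" if points >= 50 else "red"

if __name__ == "__main__":
    for name, header in SAMPLES.items():
        r = parse_auth_results(header)
        print(name, r, score(r), badge(score(r)))
```

The "misaligned" sample shows why a lone SPF pass is weak evidence: the sending server was authorized for its own envelope domain, yet DMARC fails because that domain does not match the visible From: address.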


Implementing Email Legitimacy

Implementing Email Legitimacy is intentionally simple. Within the Consolidated Email View, you can enable it as an optional tab—no extra setup, no custom wiring, no header parsing required on your end. Once enabled, the system automatically evaluates the four core authentication signals that shape modern email trust.


Each signal receives its own score, and those scores combine into a single, color‑coded trust rating that summarizes the message’s overall legitimacy profile. This gives users a quick, structured way to understand whether an email behaves like trustworthy traffic without performing a full audit.


What Users See After Enabling the Tab

Once activated, the Email Legitimacy tab appears alongside the rest of the Consolidated Email View. It includes:

  • A color‑coded badge showing the overall trust score

  • Individual sections for SPF, DKIM, DMARC, and ARC

  • Clear explanations for each signal’s result

  • A concise summary that ties the signals together


The result is a simple, approachable way to validate that “something feels off” without overwhelming users with raw header data.


Email Legitimacy in action

For more information, check out Email Scrubber on the AppExchange.
