What is spoofing?

Spoofing is when a sender forges the visible From address to impersonate another identity. Attackers may claim to be a trusted brand or colleague while using an unrelated domain.

The problem exists because the Header From that users see is different from the Envelope From that SPF validates. This disconnect is the original architectural flaw that DMARC was designed to fix.

It is a pirate ship flying a stolen flag. SPF, DKIM, and DMARC work together to detect and block spoofed messages.