Authentication records tell receiving servers your email is actually from you. Required for deliverability in 2026.
Lists authorized IPs that can send from your domain. TXT record.
Cryptographic signature on every email. Proves the message wasn't modified.
Policy telling receivers what to do with unauthenticated mail. Also provides reporting.
Gmail and Yahoo require all three for senders of 5000+ emails/day as of 2024. No exceptions.