At LinkedIn, Internet protocols (IPs v4 and v6) determine how emails travel over networks. We implement Transport Layer Security (TLS), a protocol that enables security between client/server applications (if the receiving server supports it). We also have a reverse Domain Name Server (DNS) entry on all our sending IPs that returns the hostname of an IP address. This protocol works as a second layer of security against email spoofing and spam.

LinkedIn email security

LinkedIn uses IP addresses instead of domains because they have a higher resistance to spoofing and spam than domains do. IP addresses also reduce traffic on your IT infrastructure because domains (unlike IP addresses) need to be looked up on the DNS system.

LinkedIn has implemented DMARC.org to the highest level of security against spoofing: p=reject. This means that all our emails are authenticated using a combination of Sender Policy Framework (SPF) and/or DomainKeys Identified Mail (DKIM).

Following the rules of Domain-based Message Authentication, Reporting and Conformance (DMARC) you can safely reject the emails that do not pass the DMARC test.

LinkedIn SPF records and information

LinkedIn keeps our Sender Policy Framework (SPF) record up to date with all the IPs from which we send emails. You can query our SPF through tools such as the SPF Surveyor.

LinkedIn IP addresses

LinkedIn sends emails from different groups of IPs based on the content or purpose of the email. For example, security and administrator emails have reserved groups of IPs from which we send them, and we include a secondary DomainKeys Identified Mail (DKIM) signature to indicate these emails are important for the security of our members.

See the Learn more section below about troubleshooting your emails if they are rejected.

Glossary:

Related task

• Troubleshoot LinkedIn emails not received

Learn more

• Email to LinkedIn is rejected - Overview for Postmasters