Email is easy to spoof and get into spam here are some ways to secure it.

DNS settings

SPF

• Sender Policy Framework
• DNS records - set which email can send as you
• Can only have one record

DKIM

• Domain Keys Identified Mail
• Is a key pair, that proves it comes from the source
• Can have multiple record
• Has a encrypted header

DMARC

• Domain-based Mail
• DNS set up as a domain name, anyone sending as you will automatically send it to spam.

RUA reporting

• Get a report showing what is accepted

Client settings

S/MIME

• signs the email verifying the sender
• optionally encrypts the email