DomainKey Identified Mail
The verification is done by looking up the relevant DNS-record for the sender domain. The DNS record contains a key that the server then uses to verify the key sent with the email.
If an invalid email is received it is up to the server to figure out how to deal with it. If the domain has DMARC enabled the policy specified there should be observed.