With Email domains getting stricter about what and who they let into recipients’ inboxes, Marketing automation platforms like Pardot, HubSpot, Outreach, and SendWithus (to only name a few) are taking steps to make sure we are ahead of the curve. For those that have a dedicated IP, make sure you’ve covered all your bases with domain authentication and sending IPs.
There are three items related to your domain authentication, which would usually be taken care of when you setup your domain, however, with stricter rules coming through relating to spam, it would be worthwhile to check out your status on each of them: DKIM, SPF, and DMARC.
DKIM: Fortifying Email Integrity
DKIM, or DomainKeys Identified Mail, is a method of email authentication designed to prevent email spoofing. Email spoofing involves the deceptive practice of sending emails with falsified sender addresses, often exploited for phishing or other harmful purposes.
To implement DKIM, users can add or update DKIM records in the DNS provider using a public key provided by the platform. Once this is done, a receiving mail server (e.g., Gmail) can verify the signature of the sent email associated with the domain. Once verified, the DKIM signature is included in the email headers, aligning with the configured CNAME entries.
SPF: Authorizing Email Senders
Sender Policy Framework (SPF) is another vital email authentication standard focused on verifying that the sending email server is authorized to send emails on behalf of a specific domain. This is crucial for maintaining the integrity of the envelope return path domain, which is the address used for bounce-backs.
Setting up SPF involves creating a TXT record in the DNS provider using the value provided by the platform. This record serves as a continuously updated list of IP addresses that the email automation platform will use to send marketing emails from the designated From Address domain.
DMARC: Enhanced Protection and Reporting
Domain-based Message Authentication, Reporting, and Conformance (DMARC) takes email authentication a step further by providing a protocol to safeguard email domain owners from unauthorized use and email spoofing.
Configuring DMARC involves adding a TXT record in the DNS provider settings. Once added and verified, DMARC allows inbox providers to determine how to handle emails that fail SPF and DKIM checks, providing an added layer of security.
Two key tools:
These helped me and my teams:
- Google’s Postmaster – https://postmaster.google.com/
- Type in your domain name
- add the TXT to your backend – get IT to help with this
- Validate
- Monitor the rates provided by Postmaster!
- Yahoo’s complaint feedback loop https://senders.yahooinc.com/complaint-feedback-loop/
- Add in all the details asked for
- Yahoo will forward all complaints to the specified inbox.
What to do next?
- Make sure to keep your spam rate under 0.3% by:
- Making your unsubscribe button visible and easy to use
- Dont buy cold lists
- Send valuable content to your viewers
- Monitor Postmaster and Yahoo
The trio of DKIM, SPF, and DMARC serves as a powerful defense against email spoofing and unauthorized use of email domains. Implementing these authentication protocols not only enhances the security of your emails but also fosters trust among recipients.