Gone are the days when sending a mass email was as simple as choosing an email service provider (“ESP”), uploading your customer list, and hitting send. As email continues to grow in popularity, the “under the hood” aspects of email delivery have become increasingly complex in order to provide a great experience to you, the recipient of emails.
The unfortunate result of all of this, is that regardless of your business size, it is imperative that you keep up with the changes and authentication requirements or your emails will deliver to the spam folder. And even if you do everything suggested here, there is no “silver bullet” to guarantee your email delivery to the inbox.
Below is a quick guide to a few basics of email delivery in 2019. All of these can be setup wherever you manage our DNS (e.g. GoDaddy, Google, NameCheap, etc.). Be sure to read to the end about how to test your setup! If you are considering VipeCloud for your email marketing needs, we will happily work through this with you!
1. Sender Policy Framework (“SPF”)
SPF tells your recipients that the system where you email comes from is an authorized sender of your email. For example, if you use Gmail, then google.com would be in your SPF policy. At VipeCloud we let you send email through your own exchange server – e.g. Google – or you can send them through our system. Our email system is powered by SendGrid.com. Whatever email marketing system you use, you will want to add them to your SPF policy.
What is an SPF policy? It’s simply a TXT record you add to your DNS. The host would be “@” and a sample value would be:
v=spf1 a mx include:_spf.google.com include:sendgrid.net ~all
The above policy would mean that you have authorized Google and SendGrid as email sending systems. Here are a couple additional resources to help you set this up:
2. DomainKeys Identified Mail (“DKIM”)
DKIM is essentially the proof behind your SPF setup. The two go hand in hand. Just like you had to list each of your sending services in your SPF, you should setup DKIM for them as well. A Google search will help you do so for your Gmail/Gsuite or Outlook365 email. Using VipeCloud, we make it as easy as possible for you by providing you with a few more DNS records to add which take care of the DKIM for you.
The best news about SPF and DKIM is that they are really “do once and forget about it” setup items. Here is an article from ReturnPath which goes deeper into DKIM: How To Explain DKIM In Plain English.
3. Domain-based Message Authentication, Reporting & Conformance (“DMARC”)
DKIM is confusing, so some engineers decided it would be easier to add yet another authentication step to verify your sent emails. Enter DMARC. We have noticed in the last 3-6 months that domains which have not setup DMARC are beginning to more frequently deliver to the spam folder. Similar to setting up SPF, to setup DMARC simply add a TXT record to your DNS. The host will be “_dmarc” and a sample value is:
“v=DMARC1; p=none; rua=mailto:firstname.lastname@example.org”
Change the mailto link to your own. You will receive a daily email so consider creating a rule to drop these into a label or folder. Unfortunately for DMARC, it is not set it and forget it. If you don’t yet have DMARC setup, setting the p value to none is a good first step.
You’ll then want to create an account at dmarcian to translate the daily reports so you can track who is sending emails from your domain. As you gain a comfort level that all of your sending in known, you’ll want to update that p value to quarantine, and then to reject.
4. But Seriously, Why All This Just For Email Delivery?
Hang in there! We know this can be overwhelming. But as we said, emailing today is not like the old days. The reason for all of these authentication steps is because in the world of email there exists something called “spoofing”. Spoofing means that anyone can set the from email address on an email to anything they want. Anyone could claim to be sending an email as you. And as the daily volume of emails still continues to trend upward, there are simply too many bad apples who have screwed things up for all of us.
5. Test Your Changes!
Any of the above suggested changes to your DNS should be tested and confirmed. If you did something incorrectly, your emails might stop sending altogether. The good news is that it’s easy to test! Simply go to https://dmarcian.com/, enter your domain, and check the results! While any DNS changes can take up to a couple days to fully take hold, we have found the dmarcian test to work pretty instantaneously.
6. Bonus: rDNS For The Email Delivery Win
Are you a power emailer who wants to go above and beyond? Then you can also setup rDNS by working with your email marketing provider. You will have to have dedicated IP addresses for your sending, but if delivery is of the utmost importance, this added cost will be worth it. I won’t go into too much detail here as this is a bonus section. But if you go with VipeCloud we are happy to help you set this up for your domain.
That’s it! We wish email didn’t have to be as complex as it is now, but the world is constantly changing and authentication requirements on your email seem to be a requirement that is here to stay.