With the switch from physical medium to digital delivery, it has become harder to stay in front of your target audience. Mail carriers are continuously identifying and altering the way that they classify mail in order to keep their customers happy.
The Junk or Spam mail folder is the digital way of identifying emails that are similar to that of a mailer you might receive in your postbox. Chances are you didn’t request it and it will end up in the trash anyway, so why not start there.
So what about legitimate email messages that you send, but still never seem to reach your contact? Even a contact you have conversed with before, you somehow were filtered and the message was never received. An opportunity lost with a client, or a time-sensitive message delivered right to the trash.
So how do I help ensure my message gets to their inbox?
First, you need to identify if it’s something you can improve or not. If we are talking about mass mailers that are sent out by services like MailChimp or ConstantContact, it will be difficult. Those organizations are flagged as mass mailers and as such, any message sent through them has a high potential to make it into the junk folder.
Standard emails, like those you would send through your email service providers such as Microsoft Office 365, Google Workspaces, or others, can be improved.
When emailing something somewhere, the mail carriers have ways to authenticate and validate that you are who you say you are and that the mail is coming from a location you have approved.
So what are the three key ways to get validated?
SPF (Sender Policy Framework), is the first method of authentication. It helps detect the forging of the email sender’s address during the delivery of the message. It is limited and can only detect the address that is claimed in the email envelope which is used when emails get bounced.
Generally, the way the SPF is configured is through your domain registrar such as Godaddy and is added as a DNS entry like the following;
Entry Type: TXT (Some providers also have an SPF option)
v=spf1 include:spf.protection.outlook.com -all”
In the above example, we are telling the mail system that Microsoft is an allowed sender to identify as our website domain. If you use multiple senders or services that utilize SPF, you can include them all by simply adding additional include: statements before the final -all at the end.
DKIM (DomainKeys Identified Mail), is another email authentication method and can be vital for protecting your domain against spoofing, and email recipients against spam or phishing emails. DKIM validates the contents of the emails to ensure that they have not been compromised. It affixes a digital signature to each message that is linked to your domain name. The receiving mail carrier can check that the email came from the specific domain that it claims to be from and that parts of the email have not been modified since the signature was affixed.
DMARC (Domain-based Message Authentication, Reporting and Conformance), combines both SPF and DKIM into a single coherent policy. It ties together everything and ensures that the details match the claim.
Many businesses fail to realize that in order to fully optimize email security, they should be leveraging all three methods, SPF, DKIM, and DMARC, together.
Did you know that Congress has already passed a bill that is going to require settings like these to be enforced in order to deliver mail in the US? In Sec. 9006 of the House bill, a strategy to secure email was included. H.R.6395
So how do I check that my domain is properly configured and ready for these requirements? A simple tool is available at www.learndmarc.com that allows you to send an email to them and generate your results. If you pass all three configurations, you should get an output similar to the following;