DMARC Compliant but still going to Spam?

Many emailers consider DMARC compliance to be an end goal. This is only partially true. Adopting DMARC and sending DMARC compliant email is an important part of maintaining good email delivery, but DMARC is not the end of that journey. Let’s examine a few other things you need to be doing.

Adopting DMARC “Reject” policies

DMARC works best when your DMARC policy is 100% Reject for emails that are not DMARC compliant. 100% DMARC Reject indicates to Inbox Providers that you are confident that legitimate email from your domain is DMARC compliant and anything that is not compliant is spam, phishing or otherwise risky. 100% Reject policies are required to adopt BIMI and maintain compliance with Google, Yahoo! and Outlook.com bulk email sender policies.

Monitoring DMARC compliance

Your email configuration is not “set and forget”. Every time you change a technology provider, you will need to update your SPF record to send email from that system: CRMs, order management systems, Support, Marketing Automation, etc. all require an entry in your SPF records. Even if you do not change systems every few years, these companies will change their sending IP addresses or undergo mergers, forcing changes on you. You need to monitor your DMARC compliance or you may miss when email is rejected.

Adopting BIMI

BIMI can get your brand directly in front of your customers and prospects, within the Inbox. But, to adopt BIMI, you must be at 100% DMARC Reject policy. A Reject Policy requires monitoring of your DMARC compliance to prevent loss of legitimate email through misconfiguration.

Monitoring Inbox Placement

Even with 100% DMARC compliant email, you could be rejected from the Inbox. Inbox Providers maintain the equivalent of internal blocklists using customer sentiment and algorithms that judge similarity to spam to place email in Spam, Junk or Quarantine folders. If you are not monitoring your email for this, you will only find out after important email is turfed to the Junk folder.

Managing Email Senders

Your 3rd party email senders are an important part of your email delivery hygiene. A sender that mixes your email in with other clients’ email may cause issues due to the poor reputation of these other senders. If a shared IP address is blacklisted, your email may be blocked simply because some of it came from that server. Purchasing a dedicated sending IP space may reduce the risk, but it is always prudent to monitor your 3rd party senders for compliance and blocklist issues. If frequent blacklisting occurs, it might be time to look at new senders.

How can MxToolbox Help?

MxToolbox has been building email delivery management and monitoring tools for over 20 years. Our Experts know that email delivery is not static but an ever-changing arms race between spammers and Inbox Providers. Our MxToolbox Delivery Center tools are constantly updated to provide you with the latest in Email Delivery technologies:

  • Setup, Maintain and Monitor DMARC compliance
  • Adopt DMARC reject policies with confidence
  • Get your logo in the Inbox with our BIMI tools
  • Regularly test your Inbox Placement to quickly detect internal blocklisting
  • Get insight into your senders’ reputations with Adaptive Blacklist Monitoring

If this sounds complicated, MxToolbox also offers Managed Services team that can help you setup DMARC, DKIM, SPF, BIMI and get your domain aligned with Google, Yahoo! and Outlook.com bulk sender policies.

It’s Time for BIMI

For the last few years, we’ve been on the fence about when it would be time to implement BIMI. Often, it seemed like the ability to adopt BIMI would only be there for large companies with substantial email marketing budgets. However, support for both Common Mark Certificates as well as Verified Mark Certificates makes BIMI much more accessible for small and medium businesses. We now think BIMI is ready for everyone!

What is BIMI?

BIMI is a DNS technology that allows you to define a logo to appear next to your email subject lines or next to your messages in major Inbox Providers’ web-based, computer and mobile clients. Essentially, your mail will be branded with your logo giving you more exposure and potentially creating an edge over your competitors.

An example of the MxToolbox Logo displayed next to our email in Google’s web client.

Note: BIMI is different from simply being a GSuite-using company in that your BIMI logo will appear at Yahoo!, Le Post and many other web-based, computer and mobile email clients, not just the Google Inbox.*

How do you adopt BIMI?

To be BIMI compatible, you need to have your email configuration setup properly. Inbox Providers need a level of trust before they will include your logo as it appears to be an endorsement of sorts for your brand.

  • You must adopt DMARC, DKIM and SPF
  • Your email must be DMARC compliant
  • Your DMARC policy must be at 100% Reject
  • Your BIMI record must be setup correctly with a properly formatted SVG file
  • You must have a Common Mark Certificate or Verified Mark Certificate for your logo

How does MxToolbox help?

MxToolbox recently released a comprehensive answer to the issues of BIMI setup, management and maintenance. MxToolbox Delivery Center provides everything you need to:

  • Setup SPF, DKIM and DMARC for your Domain
  • Carefully migrate to a DMARC Reject policy
  • Setup your BIMI record
  • Verify compatibility of your SVG image
  • Monitor your certificates for expiration
  • Manage the on-going changes to the BIMI standard

Learn more on our BIMI feature page.

*A previous version of this blog included Microsoft Outlook.com. At this time, Outlook.com does not support BIMI.

The Double-Edge Sword of Generative AI and Email

For most people doing creative marketing work, Generative AI can be a huge asset. You can write white papers, create tag lines for ads, and develop new email campaigns quickly and easily. But, there are downsides to all of this productivity…

Losing your voice

Your voice, your brand, your identity. Losing this is easy if you are not careful how you deploy generative AI. Generative AI has its own voice, so you need to apply your brand to it before deploying the content it generates. Make sure it uses your verbiage, your terms and reflects your brand. If you don’t, you risk blurring into the background noise from all the other brands deploying generative AI in their campaigns. While Google, Yahoo! and Outlook.com have not disclosed policies or filters looking for generative AI, they are at the forefront of the technology, so you can be sure they are!

Going All -In

It may seem like a good idea to ramp up your outreach programs, especially email, now that you have a virtually unlimited source of content. Unfortunately, that can make your email delivery worse. Higher volumes of email can trigger greater scrutiny at Inbox Providers like Google, Yahoo! and Outlook.com, which could make it more difficult to make the Inbox. Further, you could induce email fatigue in your recipients. Fatigued users are:

  • Less likely to open your emails
  • More likely to mark them as Spam
  • More likely to Unsubscribe

Rather than increasing the quantity of your interactions, you should be looking to increase the quality: Better content yields better results.

Generative AI Phishing

If you can use Generative AI to create content for your legitimate business, rest assured that spammers, scammers and fraudsters are already fully embracing the ability to generate huge quantities of malicious content. This means that it is even more important to educate your teams about phishing scams and improve your email security.

In addition, it is now more important to protect your brand from being used in phishing attacks by adopting a DMARC Reject policy. Adopting DMARC and setting your DMARC policy to Reject will tell Inbox Providers to trash any email that appears to come from your domain that is not DMARC compliant. This makes it harder for phishing scammers to send email that appears to come from your domain. DMARC reject policies also enable you to adopt BIMI, which will get your brand logo into the Inbox alongside your email.

How MxToolbox Helps

MxToolbox is the expert in email delivery and email technologies. Our suite of email tools, Delivery Center, provides you with everything you need to:

  • Adopt DMARC
  • Get DMARC to a Reject policy
  • Adopt BIMI
  • Measure Inbox Placement
  • Manage the on-going maintenance of adopting new email technologies
  • Notify you of issues while they’re occurring to enable quick resolution and damage control

If this sounds complicated, MxToolbox also offers Managed Services team that can help you setup DMARC, DKIM, SPF, BIMI and get your domain aligned with Google, Yahoo! and Outlook.com bulk sender policies.

Getting DMARC to Reject

More and more, major Inbox Providers like Google, Yahoo! and Outlook.com are demanding DMARC compliance before allowing email into the Inbox. However, to get the best inbox placement and enable new innovations like BIMI, the policy in your DMARC record must be set to 100% reject.

What is a DMARC policy?

The DMARC policy is a setting in your DMARC record that specifies how a recipient should treat email from your domain that fails DMARC and what percentage of your email should be subjected to that treatment. DMARC policies can take on one of three options:

  • None – Do nothing if the email fails DMARC.
  • Quarantine – Move the email to quarantine for further processing.
  • Reject – Reject the email entirely if it fails DMARC.

A DMARC “reject” policy at 100% shows that you are confident in your email configuration and trust that anything appears to be sent from your domain that fails DMARC is likely junk, spam or phishing. You have done the work, so Google, Yahoo! and Outlook.com are more likely to trust you.

Lower trust levels and lower percentages are available for testing purposes, allowing you to gently move your email to stricter settings without impacting your existing email delivery. Most Inbox Providers will treat as suspect all email from domains with a non-reject DMARC policy and use their own internal processes to filter inbox delivery.

How to Get to “Reject”

Getting to a “reject” DMARC policy at 100% is a fairly straight-forward process of iteration.

  1. Gather a list of all your sending systems and ensure that they are in your SPF records.
  2. Setup DKIM and DKIM records for all your sending systems.
  3. Configure your DMARC record to send DMARC reports to a processing tool like MxToolbox Delivery Center.
  4. Review your DMARC reports for missing senders that fail DMARC (go back to step 1 until you uncover all of your legitimate senders).
  5. Modify your DMARC record to a 10% reject policy.
  6. Review your DMARC reports, Delivery Rates, and Open Rates for issues and analyze for a week or a major newsletter cycle.
  7. When satisfied that email delivery is acceptable, return to the DMARC record, changing your policy to 25%, 50% and, eventually 100% while continuing to review as in step 6.
  8. Maintain your review of your DMARC delivery statistics to ensure new senders aren’t accidentally installed and changes at existing senders are incorporated into your SPF and DKIM records.

Iterate through this process as necessary. While Quarantine is available as a policy, MxToolbox Experts have found that it is preferable to skip using Quarantine. Most major Inbox Providers treat non-compliant email from a domain with a DMARC policy of None or Quarantine the same. Stepping through Quarantine will simply delay getting to your goal.

How does MxToolbox Help?

MxToolbox Delivery Center provides everything you need to manage your DMARC, SPF and DKIM setup, move to a DMARC reject policy and manage the on-going maintenance and analysis of DMARC reports.

Manage SPF Setup

Every system that sends email on behalf of your domain must be in your SPF record for the email to be SPF compliant. Unfortunately, many providers get lazy with how they define the entries they want included in your SPF records, often proscribing large ranges or including macros. Sometimes, multiple systems will include the same ranges (GSuite systems being the most duplicated).

MxToolbox helps you manage this by giving you a list of all your Verified Sources, the ability to instantly manage your SPF record, detect overlapping includes in your SPF record and, even upgrade to SPF Flattening should your record have too many includes.

Hosting Your SPF with MxToolbox

Hosting your SPF record with MxToolbox through our SPF Hosting Integration, will enable you to modify your record and add new senders to your SPF record without having to log in to your DNS host.  Additionally, our system will help you avoid configuration errors and make suggestions as to what senders to include in your SPF record without having to leave your MxToolbox account.

With an MxToolbox hosted SPF record, your business can:

  • View your entire SPF setup on one screen
  • Manage your record through Verified Sources
  • Make changes to ensure your SPF record is correct and valid
  • Manage vendors and update providers
  • Enable automated options that automatically keep your record up to date

More MxToolbox SPF Management

MxToolbox Delivery Center Plus also offers SPF Flattening, which rewrites your SPF record. If you have more than 10 lookups included in your SPF record, the later lookups will not be executed, leaving some of your legitimate email senders to bounce. SPF Flattening helps “iron out” any SPF record issues and instantly creates a new, properly configured record to increase your email delivery rates.

Manage DMARC Setup

Similarly to SPF management, MxToolbox Delivery Center can host your DMARC records, allowing you to quickly and easily manage your DMARC records through the iterative process of implementing a 100% Reject policy.

  • View and Inspect your existing DMARC record for configuration issues
  • Manage changes on-the-fly to your DMARC record
  • Quickly modify your DMARC policy
  • Easily adjust the percentage of email subject to the DMARC policy

With MxToolbox Delivery Center Products, the iterative process of getting to 100% Reject is simple and easy!

Domain Reputation – Google’s Hidden Blocklist

Inbox Providers like Google, Yahoo! and Outlook.com are constantly evolving new ways to ensure that the email making their inboxes is safe, timely and relevant to their users. At their disposal are multiple layers of email technology protection:

  • TLS Encryption for connection
  • Blacklists (both internal and external)
  • DMARC Compliance (SPF Authentication, SPF Alignment, DKIM Alignment)
  • Spam Content Scoring Rules
  • Bulk Sender Spam Reporting Rules
  • Individual Spam/Junk Rules

In past blogs, we’ve discussed each of these layers, including Google’s Content Reputation checks. Today, we’ll discuss what we know about Google’s proprietary blocklists.

Blocklists come in two forms:

  1. A list of IP addresses that have sent spam or dangerous emails or should not be sending email at all.
  2. A list of Domains that have been used in fraud, phishing or spam emails.

Google employs both types of blocklist to limit the risk of spam email making their Inboxes. But, how does Google determine what IP addresses and domains to block?

Google’s Blocklist Logic

Traditional blocklists use a variety of methods to determine what IP addresses or Domains are threatening. Often these include networks of spam traps, honey pots and feedback from inbox owners. Google appears to leverage both commercially available IP blocklists and their own proprietary logic. Staying off a commercial blocklist is therefore the first step in making the Google inbox.

Google has access to more inbox data than any other Inbox Provider. They can leverage Customer Sentiment and Behavior to create an aggregate picture of incoming email from an IP address or domain. This works in a few ways:

  • Email from IP addresses that were marked as spam gives that IP address a negative reputation. Google tracks the ratio of those emails received to those marked as spam. Over a certain threshold, this sentiment causes the IP address to be blocklisted for all senders from that IP.
  • Email domains are similarly tracked across all inboxes. Over a certain threshold of users marketing the email as spam, all email from that domain will be marked as spam.
  • Email containing content that is similar to content from blocklisted IP addresses or domains is automatically placed in the spam folder.
  • Email domains with a persistent poor reputation maybe placed on a complete blocklist and fail delivery entirely.

How can you stay off Google’s Blocklists?

Staying off of Google’s Blocklists is similar to staying off any blacklist, with a few additional considerations:

  1. Maintain good email list hygiene. Remove old and unreactive email addresses to reduce the risk of being marked as spam.
  2. Use an email marketing service that spreads your sent email over multiple dedicated IP addresses for marketing campaigns. This reduces the risk of IP blacklisting.
  3. Do not use purchased email lists. These may contain aged, or spam trap inboxes or inboxes that have been filled. In addition, purchased lists are very low quality, increasing the risk that your email will be marked as spam and blacklisted.
  4. Use separate domains or subdomains for marketing, transactional and person-to-person email. This reduces the risk of your business email becoming blacklisted by a bad marketing campaign.
  5. Reduce the frequency of your marketing campaigns. Recipients are more likely to mark email as spam if they feel overwhelmed.

How do you recover your reputation?

If you have landed on Google’s Domain Blocklist, you have a difficult time ahead. All email may be completely refused or immediately sent to the Spam folder. Recovery takes time and patience. If you haven’t already, take the time to go through the steps listed above. Within a few weeks, you should see acceptance rates and open rates improve. If not, you have a more serious issue, Google has permanently blocked your Domain. Your only recourse may be to create a new domain from which to send email.

How does MxToolbox help?

MxToolbox Delivery Center provides the email delivery management and monitoring that you need to keep your messages flowing.

  • Monitor DMARC compliance rates across all senders
  • Closely monitor your Gmail Spam rate.
  • Check your email for 1-Click Unsubscribe, a requirement of Google and Yahoo! bulk sender rules
  • Analyze your campaigns for other potential reasons to miss the inbox with Inbox Placement 
  • Notify you of issues while they’re occurring to enable quick resolution and damage control

If this sounds complicated, MxToolbox also offers Managed Services team that can help you setup DMARC, DKIM, SPF, BIMI and get your domain aligned with Google’s bulk sender policies.

Content Reputation – Google’s Secret Sauce

Getting to a Google user’s inbox can be a complicated maze to navigate. Some of your emails arrive fine while others seem to hit only the Spam folder. The biggest factor is Google’s Bulk Sender Requirements. If you adhere to those rules, your email is most likely to make the Inbox. DMARC compliance, of course, is a base requirement.

But, what if you are still hitting the Spam folder?

Google is Judging Your Content

Remember that Inbox Providers are trying to provide a service to their customers. Part of this service is to improve the quality of their inbox experience by reducing spam emails and surfacing only email that their customers want to receive. Google categorizes emails in several ways:

  • Primary – Person-to-person email, direct business correspondence, etc.
  • Promotions – Newsletters, ad campaigns, sales circulars, etc.
  • Social – Notifications and invitations from social media platforms.
  • Transactional – Receipts, order confirmations, order updates, etc. Transactional can end up in Primary or Social.
  • Bulk – Email sent to a significant number of Google inboxes. Promotions are a bulk form of email.

As a marketer, you will want to land in the category most likely to get opened: Primary. However, Google and their customers want your email to be properly categorized so that they can prioritize their email. What folder or category your email ends up in is largely due to the content of the message!

What Content Gets You to the Spam folder?

Google is also judging your content versus other email content and user sentiment about those emails.

Google has four main reasons for marking your email as spam:

  1. Content is similar to other messages marked as spam.
  2. Content is similar to yours was used to steal personal information.
  3. Links in your email were suspicious.
  4. Emails from your Domain have been marked as spam in the past.

You can see the messaging Google uses in their web UI, in the screenshots below

What can you do if you have Content Reputation Issues?

The good news is that you control your content. You have the option to make changes to your emails before you hurt your domain reputation.

MxToolbox recommendations:

  1. Send separate and distinct emails for transactional and marketing purposes and do not mix marketing messages into a transactional email.
  2. Use distinct subdomains for Person-to-person, Transactional and Marketing emails. This will solidify the separation to Google and given their algorithm a clue into proper categorization.
  3. Review your Marketing lists regularly and prune outdated contacts in order to reduce the likelihood of your email being categorized as spam.
  4. Review your Marketing content for spammy/histrionic language.

How can MxToolbox help?

MxToolbox Delivery Center provides the email delivery management and monitoring that you need to keep your messages flowing.

  • Monitor DMARC compliance rates across all senders. DMARC is key to making the Google Inbox.
  • Closely monitor your Gmail Spam rate. Being reported as spam by a few senders will get you marked as spam in all Inboxes.
  • Check your email for 1-Click Unsubscribe, a requirement of Google, Outlook.com and Yahoo! bulk sender rules.
  • Analyze your campaigns for other potential reasons to miss the inbox with Inbox Placement. Our MxTips ™ give you insight into potential Content Reputation Issues by analyzing your campaigns before you send them.
  • Alert you to issues while they’re occurring to enable quick resolution and damage control.

Sending to Outlook.com Users gets more complicated

The arms race between spammers and Inbox Providers continues with Microsoft’s recent announcement of changes to Outlook.com bulk emailer rules. Fortunately, there is good news:

If you have already committed to Google and Yahoo Bulk Sender requirements, you are already covered. Keep doing what you are doing!

What are the specifics?

On May 5, 2025 you will be required to meet the following requirements to make the inbox when emailing Microsoft users (Office 365, Outlook, Hotmail):

  1. Authentication: All emails must pass SPF, DKIM, and DMARC to be delivered to Microsoft inboxes.
  2. Bulk email: Newsletters, surveys, and other marketing emails must allow recipients to opt-out and must support functional one-click unsubscribe. Plus, unsubscribe requests need to be processed within 48 hours. Remember, if you send more than 5,000 messages in a month, you will automatically be labeled a bulk sender.
  3. Sender addresses: Ensure your “From” or “Reply-To” address is valid and compliant, displays the actual sending domain, and can receive reply emails.
  4. List hygiene: Routinely review and update your recipient list to make sure your messages are NOT being sent to addresses that bounce or label your email as spam. Keeping a healthy marketing email list is vital to maintain a high delivery rate and sender reputation.

How Can MxToolbox Help?

MxToolbox’s Delivery Center helps you manage the complexities of DMARC Configuration and Management . Our comprehensive email delivery tools allow you to setup SPF, DKIM, and DMARC, implement a DMARC “reject” policy, maintain compatibility with changing Google, Yahoo! and Outlook.com sender requirements and manage emerging delivery issues.

A major tool in our suite of email delivery tools, Inbox Placement, allows you to test your outgoing email campaigns for over 50 different delivery issues, and notifies you if your campaigns are likely to go to the Spam/Junk folders or achieve the Inbox. In addition, Delivery Center Inbox Placement your Google spam rate and ensures tests that your campaigns meet one-click unsubscribe requirements at Google, Yahoo! and Microsoft Outlook.com.

MxToolbox is the Expert on email delivery. We offer a wide range of email delivery services, including a fully managed email delivery service, so be proactive now and take advantage of them before these Bulk Sender guidelines affect your email.

How’s your Spam Rate?

Inbox Providers like Google, Yahoo! and Outlook.com want to reduce the amount of irrelevant, junk and spam email that they process in order to protect their users and reduce their hosting costs. Think of it this way: every message that isn’t marked as Junk, Spam or Trash gets lodged in the Inbox forever. For them, the cost of keeping spam around in the Inbox is staggering considering the millions of Inboxes each of these companies support.

Improved Relevance Means Less Risk

Email is incorrectly seen as a nearly free way to advertise your product or service: simply buy a list and start hammering away until you get new clients. Unfortunately, this method has really low relevance to the recipient. With no context and no connection to your product or service, you are simply part of the ever-increasing deluge of spam they receive. For Inbox Providers, you are indistinguishable from fraud and phishing emails that do not overtly carry malware. In short, your lack of relevant connection to the recipient is a risk and a burden, and a cost!

Google’s Spam Rate

With the introduction of Bulk Sender Requirements, Google (and Yahoo!) have defined new Spam Rate standards for email acceptance alongside the requirement for DMARC compliance. Google has even gone so far as to define a threshold: 0.3%. Anything over this rate and all email from your domain is likely to be blocked. This now provides a definite reason to be more relevant: if more than 1 in 300 of your emails is marked as spam by a recipient, your entire domain could be considered a source of spam.

This may seem draconian, but the benefits to Google are immense: They can decide to refuse acceptance of spam at the gateway level, foregoing all post acceptance processing like DMARC, content analysis, malware screening, etc. They simply refuse to touch it, saving them time and money. For their users, the benefit is also large: tidier inboxes, more relevant mail, less guesswork as to what is potentially good and bad, and less to delete.

How do you maintain a good Spam Rate?

Email list hygiene

If you are buying email lists, stop now. If you bought email lists, throw them away. 3rd Party email lists are poisoning your email spam rates. If a recipient has not interacted with an email or your site in a significant period of time, consider pruning it from your lists.

Configure and abide by the 1-Click Unsubscribe

Unsubscribe links are mandatory in all email communications. With Bulk Sender requirements, Inbox Providers have increased the necessity to manage and monitor email unsubscribes in a way that makes it easier for recipients to say “no” to your emails. 1-Click Unsubscribe enables a recipient to get off your list with zero friction.

Separate your transactional email from your marketing email

Separating the points of origin of your transactional email and marketing email can improve your email acceptance rates. While this may seem counter-intuitive, mixing transactional email with marketing email will only reduce the acceptance of transactional emails. Clear delineation of email types, including using different subdomains means better identification and acceptance of transactional email.

Monitor you Spam Rate

Email delivery requires regular monitoring to ensure that your email campaigns stay below Google and Yahoo! Spam Rate limits. Monitoring on-going email operations and testing email campaigns before you release them can help keep you off their spam lists.

How does MxToolbox help?

MxToolbox Delivery Center provides the email delivery management and monitoring that you need to keep your messages flowing.

  • Monitor DMARC compliance rates across all senders
  • Closely monitor your Gmail Spam rate
  • Check your email for 1-Click Unsubscribe, a requirement of Google and Yahoo! bulk sender rules
  • Analyze your campaigns for other potential reasons to miss the inbox with Inbox Placement 
  • Notify you of issues while they’re occurring to enable quick resolution and damage control

Google to support Common Mark Certificates for BIMI

We’ve discussed the value and difficulties of BIMI in the past, but it appears that there is some growing support for the standard that might make it more relevant to small and medium businesses – Google has announced that it will support Common Mark Certificates and display the BIMI logo for companies opting this route.

What is BIMI?

BIMI is an Internet standard for taking ownership of email and securing your outbound brand that also provides clear indication of trust by displaying the Brand Owner’s Logo in the UI of the email client. To have your Brand Logo displayed by your email, you need:

  • To be DMARC compliant
  • To have DMARC policy of Reject
  • To have a compatible BIMI logo in DNS
  • To have certified ownership of that brand logo

The big value of BIMI is that the logo in the UI provides reassurance that the email does indeed come from you and that you are a trusted sender.

Why is this a big deal?

Until this announcement, the only type of certification for brand ownership was a Verified Mark Certificate (VMC). VMC’s initially cost between $1000 and $1500 per year, per domain and required the owner to obtain an official government trademark on the logo and branding. If you broke your email across multiple domains or manage multiple sending brands, a VMC could get expensive quickly. In addition, many smaller businesses would find governmental registration of their trademark difficult, and the expense might price them out of the verification altogether.

Common Mark Certificates (CMC) are another method of certifying your logo and protecting your brand from being used in fraud and phishing, while providing the benefit of display in the recipients’ inboxes. Because CMC’s do not require official trademark, the hope is that CMC’s will reduce the cost of certification and broaden support and use of BIMI.

The Caveat

Don’t rush out today and grab a CMC. Why? Because you can’t. The BIMI workgroup only announced support recently and vendors have yet to define the product and pricing for a CMC. Most likely pricing will be very similar to that of a VMC, so even with the “greater flexibility” to obtain a mark certificate, the cost might be prohibitive.

How can MxToolbox Help?

Regardless of whether or not you are adopting BIMI, adopting DMARC and getting DMARC to a strict policy is imperative for good email delivery.  MxToolbox Delivery Center has everything you need to improve your email delivery:

  • Manage SPF, DKIM, DMARC to improve compliance and reduce the threat of fraudsters and phishing campaigns using your domain. DMARC will get you prepared for BIMI.
  • Review daily volume and SPF, DKIM, and DMARC compliance rates to ensure the best email deliverability.
  • Gradually move your DMARC policy to “Reject” to enable better inbox placement opportunities and reduce the risk of phishing and fraud using your domain. Also, it is the next step to become BIMI compatible
  • Check and maintain your BIMI setup, including certificate configuration and alerts to when certificates will age out.

We also provide free tools!  To get started with BIMI, check out our Knowledge Base and free BIMI Lookup tool.

iOS 18: Changing the Email Delivery Game

For over a decade, Gmail users online and in mobile devices have been using the “Promotions” tab. With the release of iOS 18, Apple device users will now have a similar experience in the Apple Mail application.

Apple Mail introduces Categories

With iOS 18, Apple Mail will categorize all incoming email into four separate buckets:

  • Primary: Most important messages from contacts and time-sensitive mail
  • Transactions: Receipts and order confirmations
  • Updates: Newsletters, social notifications, and all other messages
  • Promotions: Marketing and sales emails

In addition, the Apple Mail client will adopt BIMI support to append icons to DMARC and BIMI compliant email and provide extended Snippets to allow users to get a more in-depth, quick view of the email content.

BIMI icons and extended Snippets in iOS18

How does this affect Senders?

Around 55% of iOS users manage their email in Apple Mail, while around 30% use the Gmail application. In addition, historically the majority of iOS users adopt the latest operating system upgrades quickly. Senders can expect near immediate adoption of the new Apple Mail meaning changes to (probably reductions of) Open Rates, Click Through Rates and probably increased Unsubscribe Rates. Email Senders, especially marketers, will have a new landscape to navigate. Making the Inbox may no longer be sufficient to get your message across – “Primary” may be the new goal.

What can Senders do?

  • Adopt DMARC – You message has low chance of making the Inbox without DMARC
  • Get your DMARC to a Reject posture – Adopting DMARC is not enough. You need to actively manage your email senders and get your email in a position so that a Reject policy protects your brand.
  • Adopt BIMI – The new Apple Mail application will feature BIMI support. Having your company’s icon/logo next to your email will give customers comfort and trust, making them more likely to open it.
  • Stop Cold Outreach Email – Our article, The Days of Unsolicited Email are Over, goes into detail about why this practice will destroy your ability to send email.
  • Improve your email targeting and content – Learn more: Does email content affect your email delivery? | MxToolbox Blog.
  • Use separate subdomains for marketing and transactional email – This can help Apple Mail and Google classify your email better. You want your users to find your Transactional email in the Transactions folder and your Promotions in Promotions. This gives them comfort and will cut back on Unsubscribes.

How can MxToolbox help?

MxToolbox Delivery Center is our suite of tools and monitors to actively manage your email deliverability across all Inbox Providers. We enable you to:

  • Setup DMARC quickly and easily
  • Actively manage your response to DMARC reports and DMARC compliance rates to help you make the Inbox
  • Migrate to a DMARC Reject policy
  • Adopt BIMI
  • Monitor and alert on Spam Rates to protect your email delivery
  • Proactively test your email for Inbox Placement issues
  • Parse your message for common issues like spammy content, broken links and link shorteners
  • And much more…

If managing your email delivery sounds complicated… We even over a Managed Services option. We’ll work with you, make suggestions, help with configuration and proactively monitor your email delivery to enable you to concentrate on your business.