Author Archives: stephenmxtoolbox

Validity goes behind a Paywall

Validity recently announced that their Universal Feedback Loop ARF reports were no longer a free service but going to be a paid subscription. They are replacing their individual ARF reports with a free aggregate report today.

What is Validity ARF Reports?

Abuse Reporting Format (ARF) is standard that allows Inbox Providers to provide Feedback or Recipient Complaint information to legitimate email senders. The data contained in a ARF report can be as limited as the subject of the email and number of complaints or may be highly detailed information, like:

  • Date and Time of the Complaint
  • Date and Time of the Email Sent
  • Subject of the email
  • Email Addresses Unsubscribing
  • Email Addresses Complaining
  • Email Addresses Failing
  • Type of Failure or Complaint

However, Validity ARF reports only contain minimally actionable information: Subject, Date and Type of Complaint and email header with obfuscated recipient data.

Who does the change affect?

MxToolbox Delivery Center customers with a Validity Feedback Loop/Complaint integration will lose access to new Validity data on September 22, 2023. MxToolbox is investigating the value of integrating with their free aggregate version of the Universal Feedback Loop systems or terminate the integration with Validity.

Our product team is constantly evaluating the potential for new integrations to ensure that our Recipient Complaints feature provides detailed, actionable insight to our customers. While Validity ARF reports contained some actionable insight when free, the impact when compared to DMARC data and other sources of Feedback Loops will be minor to most customers.

MxToolbox’s Stance

MxToolbox has always been an advocate for improving email delivery and an early adopter of DMARC and Feedback Loop aggregation technology. Feedback Loops were intended to be used to improve the quality of email and reduce the quantity of unwanted email, so, placing Feedback Loop and Complaint information behind a paywall seems like the wrong direction. The additional costs will be especially rough for small-to-medium businesses to bear.

MxToolbox Free Email Delivery Tools

MxToolbox has always been a provider of Free Email Delivery Tools. From our early days Blacklist Lookups and Monitors have been free to use. We continue to expand our suite of free tools to help businesses improve email delivery.

Email Content is King! sort of

The essence of a good email is sending the right message to the right person at the right time. Unfortunately, many email marketers make several common mistakes:

  1. Assuming that Email is Free
  2. Assuming that “Good” content is the same for all recipient personas
  3. Assuming that more content is better

#2 and #3 are understandable. After all, your team might have spent a lot of time and effort to create quality content and you want to get your money’s worth. Reusing content, combining it with other pieces, or calling it out in different ways are marketing best practices. However, there are some other best practices that need to be adopted as well.

Generic is boring

There is an American electronics retailer that emails me several times a week. Unfortunately, the content is often the generic “We have new products!” or “We have a sale!” with a call to action that really means “search on our website (to maybe sorta, kinda see if there is anything relevant to you)”. Why should I bother? It’s lazy, generic marketing that makes me work to find any value in it. It’s a throwback to the Sunday newspaper advertisement circulars that had a little bit on sale for everyone; but that is now obsolete.

If you are sending a generic email like this, stop now. There are better ways to engage potential customers through simple segmentation or self-selected segmentation. For example, this retailer could send out an email by brand (Samsung, Apple, LG, etc), or by category (appliance, PC, mobile, smart tv, etc.), giving the recipient enough information to entice further interaction with their site. While still somewhat generic, it is more targeted and there are is direct value to open it if I resonate with that brand or product. Even better would be a tailored email of new and sale items based on prior browsing and purchase history.

Brevity is the soul of wit

Brevity is also the key to engagement. Do you read long emails from advertisers? Most people don’t. A short, direct email with a clear call to action gets more attention than a lengthy email, no matter how well written. This is easier to accomplish once you stop sending generic emails.

A picture is worth a thousand words…

And, many pictures can be confusing… One or two images per major idea should be sufficient to communicate your brand values and the ideas you need to get across. Just as with brevity in verbiage, more meaningful, connected images make a larger impact.

A broken link goes nowhere

A broken or malformed link also does you no good. Checking the number and endpoints of every link, especially calls-to-action will improve the quality of your email and may potentially save you from looking like spam.

Email Delivery

While these Best Practices are written to improve content to achieve better email performance from a marketing, they will also improve your email delivery. Inbox Providers are attempting to serve users by prioritizing relevant email. Large, generic emails, or emails with many images or links look suspicious. In addition, because these types of emails tend to have poor open rates, they are also more likely to be mistaken for spam.

How can MxToolbox Help?

Our Inbox Placement tool analyzes your campaign emails before you send them. We determine if the email will make the inbox at major Inbox Providers like Google, Yahoo! and Outlook.com/Office365. We also analyze important technology and soft factors like:

  • DMARC Compliance
  • Broken or copious links
  • Wordiness
  • Broken or too many images
  • Spammy verbiage
  • Other indicators of spam

Inbox Placement is a feature of all Delivery Center plans, so you can test your marketing emails and improve your DMARC compliance all in one place.

Does DMARC and email deliverability seem too complicated?

MxToolbox Experts are here with a Managed Services approach to your email configuration issues.

Google expands support for BIMI: Is it time to dive in?

Google recently rolled out additional support for BIMI through their Gmail.com webmail application and mobile apps.  Since Google is one of the largest Inbox Providers in the world, this should be an exciting step forward for BIMI and for Marketers wanting to reach potential customers.  (For more information on BIMI, click here.)

Google’s Implementation

On Gmail.com and Google mobile applications, users will see a checkmark and BIMI logo next to an opened email as in the image below.  In addition, Google mobile applications will display the logo next to the sender in the Inbox view by the subject line.  BIMI logos should lead to an uptick in Open Rates and Click-through Rates because of additional confidence in the “certified” origins of these emails.

In order to have your logo displayed, Google requires you to:

  1. Setup SPF, DKIM and DMARC
  2. Have a DMARC Policy set to 100% Reject for email failing DMARC
  3. Generate and post a correct BIMI logo
  4. Have a Verified Mark Certificate (VMC)

The first two steps will dramatically improve a sender’s email delivery and email reputation.  Adopting DMARC gives Inbox Providers more assurance that your email is legitimate and not spam, while a strict DMARC policy prevents your email domain from being used in phishing and fraud attacks.  A VMC is designed to protect both Google and your brand by certifying the owner of the logo and domain.  Unfortunately, a VMC costs roughly $1100-$1500 annually per Email Sending Domain, which makes it expensive for many small businesses.

What other Inbox Providers support BIMI?

The BIMI working group has a list of all current Inbox Providers that support BIMI.  The good news is that big, global Inbox Providers like Apple, Yahoo!, and now, Google support BIMI as do several smaller or local providers like Fastmail and LaPoste.  This list appears to be growing.

Unfortunately, consistent logo display is an issue.  Many Inbox Providers only have partial support for BIMI or support different rules for displaying BIMI logos online vs via mobile applications.  In addition, many providers do not support BIMI logos in the Inbox view, where most people make the decision on whether or not to open the email.  This reduces the impact to Open Rates and subsequent downstream effects, like Click-through rates and Sales.  

MxToolbox Expert Take

Increased support for BIMI is a great sign for the technology.  After over four years of moving glacially forward, we’re hopeful that this will increase the pace of BIMI adoption.  To a Marketer, the idea of having your logo proudly displayed next to your verified email in the Inbox both increases the chance of the recipient opening the email and improves the reputation of the brand. 

There are Drawbacks

However, the current level of support does not entirely live up to that promise: few Inbox Providers display the logo in the Inbox where Open Rates will be affected. In addition, the extra expense associated with a Verified Mark Certificate might be considered burdensome for many small businesses, leaving gains to the larger businesses and brands.  While the extra security from a VMC is like that of an SSL certificate for ecommerce, the additional value BIMI provides may not be there for every brand yet.  

There are Alternatives

Finally, both Google and Microsoft already have other ways to display user images or logos in the message view of an individual email.  If the sender is a Google Workspace user, their preferred image will be displayed in the same spot as the BIMI logo.  Microsoft offers Microsoft Business Profile program to create a unique identifier card. Office Web Apps in Office 365 and Outlook.com use the verified icon provided to Microsoft when a company joins the program.  A savvy marketer might be able to get much of the BIMI effect from these alternatives.

MxToolbox Recommendation

Focus on the basics of Email Delivery: Technologies like SPF, DKIM and DMARC, and Best Practices in email list management and content relevance. Once your DMARC configuration is really set, then think about icing the cake with BIMI.  To get started with BIMI, check out our Knowledge Base and free BIMI Lookup tool.

Adopting DMARC and getting DMARC to a strict policy is imperative for good email delivery and adopting BIMI. Get started today with MxToolbox Delivery Center.

The Case for SPF Flattening

SPF is an integral part of email delivery.  If your email is not SPF Compliant it has little chance of reaching your intended recipient.  To be SPF Compliant, you must list all of your valid email sources in your SPF record which delegates sending authority to them.  Each provider will have a recommended list of IP addresses to include as part of their setup instructions.  Unfortunately, here’s where SPF can get complicated.

What are the limitations of SPF?

The more email sources you have, the more you need to include in your SPF record.  Many companies utilize multiple email vendors, for example:

  • Inbox Providers – Office365, Google Workspace, Exchange
  • CRMs – Salesforce, Hubspot, Zoho
  • Marketing Automation – Marketo, Eloqua, etc.
  • Order Fulfillment – Netsuite, etc.
  • Support Systems

Each of these systems will have a list of IP addresses to include in your SPF records to ensure that the email they send on your behalf is compliant.  Often, these lists include multiple additional lookups.  SPF has a hard limit of ten (10) lookups for a sending domain. Unfortunately, with even a small number of email sending vendors, it is extremely easy to hit the SPF lookup limit and put your email delivery in jeopardy

What is SPF Flattening?

SPF Flattening, SPF Refactoring, SPF Restructuring, etc. is all basically the same thing:  repacking all of the valid sending IP addresses for your domain and your senders into fewer SPF records so that every sending IP address is accurately represented and SPF lookup limits are maintained.

Types of SPF Flattening

You have two distinct choices for reducing the SPF lookups in your SPF records:  manual or automatic.  There are pros and cons for both methods we’ll discuss below.

Manual SPF Flattening

Manual SPF Flattening requires understanding all the lookups in your vendors SPF includes.  You manually take each included record, parse them out, remove duplicates and create a new SPF record.  This can be as simple as removing a few duplicate entries (Gmail is often included in many provider SPF records) or completely refactoring the list of IP addresses at the IP block level.

The advantage here is that you are intimately familiar with every IP address that your company uses to send and you can eliminate blocks of IP addresses that you are not actually sending from.  A lighter, tighter SPF record is thought to be more secure and protect from potential spoofing or fraud because it reduces the attack surface area.

Unfortunately, the disadvantages of this approach are fairly large.  Manual parsing is time-consuming and knowledge-intensive.  In addition, vendors can and will often change the pool of IP addresses they send from..  This, in turn, forces you to update your SPF records to maintain good email delivery.  Finally, manual modifications create a risk of human error or choices that could cause omission of valid sending IP addresses, further risking your email delivery.

Automatic SPF Flattening

Automatic SPF Flattening involves a script or service that hosts your SPF records for you.  An SPF Flattening service will regularly check the email sources you specify should be part of your SPF records, parse, deduplicate and refactor them to ensure a “flat” SPF record that meets the lookup restrictions on SPF.  

The advantage of a fully-automated SPF Flattening service is the low-maintenance.  Your SPF records will be constantly updated as your legitimate email senders update their sending configurations.  Need a new vendor added?  Update the SPF Flattening host configuration and it’s parsed into your records.

The main disadvantages of automated SPF Flattening are cost and control.  Some providers charge by lookup served, others by domain, while others charge for each time the records are flattened or updated.  There is also a degree of control lost when outsourcing to a 3rd party.  You are now dependent on your host for accurate SPF records, timely updates and uptime.

There are also hybrid flattening options available, where you get a one-time flattened record for a fee and continue to host your own SPF record.  These services do not have automatic update capability or hosting, but they simplify the restructuring of your SPF record and allow you to control what you put in your DNS.  The trade-off here being more maintenance but less cost and more control.  

How can MxToolbox help?

You first need to know if you have a problem before solving it.  MxToolbox offers a Free SPF Lookup Tool where you can check your real-time SPF configuration for errors, including the risk of “Too Many Includes”.  

If you have Too Many Includes in your SPF record, we also offer SPF Flattening as part of our Delivery Center Plus package.  Delivery Center Plus also provides everything else you need to manage your email delivery:

  • Inbox Placement Analysis
  • Recipient Complaint Reporting
  • DMARC Email Delivery Performance Reports
  • Email Configuration Analysis
  • Adaptive Sender Blacklist Monitoring
  • Inbound + Outbound MailFlow Monitoring
  • Domain Impersonation Protection
  • Advanced Email Delivery Threat Tools
  • SPF Flattening

Recent Yahoo DMARC Reporting Issues

Over the weekend, Yahoo! experienced issues with DMARC reporting to email senders.  DMARC processing reports appeared garbled which rendered the reports unusable.  

What is a DMARC Report?

DMARC reports are critical to understanding email delivery.  They contain XML descriptions of email delivery results sent by Inbox Providers to email senders and DMARC reporting tools.  A DMARC report details email volume, SPF, DKIM and DMARC compliance information for a domain sending to that Inbox Provider. It is important for emailers to act upon the information in a DMARC report to improve their email delivery and protect their brand.

How does this affect Email Senders?

MxToolbox Delivery Center customers and others that sent email to Yahoo! over the weekend will not have accurate information on their DMARC reports back from Yahoo! This will appear as lower than normal email volume, but this should not affect compliance rates.

It is possible that Yahoo! will resend the information now that the issue has been corrected, but it is unlikely.  It is also possible that the data is no longer available or was corrupted at the source, so users can expect a hole in the data for the weekend.

Does this make DMARC less reliable?  How does this affect DMARC reporting?

This appears to be a one-time issue with Yahoo!   The issue appears to be DMARC reporting, and not DMARC compliance processing, so this does not affect email security or the value of DMARC as an email delivery technology nor does it seem to affect inbound email.  DMARC compliant email will always be prioritized over non-compliant email by large Inbox Providers like Google, Outlook.com and Yahoo!  The main issue is a short-term lack of information from one Inbox Provider, not an issue with DMARC itself.

MxToolbox Helps You Process DMARC Reports

If you have a single, small DMARC report to checkout, MxToolbox provides a free DMARC Report Analyzer.  This will give you good insight into how compliant your email was to a single Inbox Provider over a short period of time.

Getting DMARC compliant will improve your email delivery.  To achieve DMARC compliance, you need a DMARC Reporting tool like MxToolbox Delivery Center.  Delivery Center processes, aggregates and analyzes all your DMARC reports across all Inbox Providers.  You get a single interface to understand your SPF, DKIM and DMARC compliance across all your senders.

Why are my SPF Pass Rates so low?

SPF is an important technology for email delivery.  If your email is not SPF compliant, then it is highly unlikely that an Inbox Provider will deliver the email to the recipient’s inbox.  Inbox Placement is key to getting your message heard and SPF compliance is key to making the Inbox.  MxToolbox Delivery Center provides a comprehensive resource for understanding and managing SPF, DKIM and DMARC compliance, but there are few things you need to know about SPF regardless of the tools you choose.

SPF Compliance

To be SPF Compliant, an email must SPF Authenticated and SPF Aligned.  The standard provides a strict compliance that also allows a domain to designate 3rd parties as valid senders.

SPF Authentication

An email is considered SPF Authenticated when the email originates from an SMTP server on an IP address that is contained in the sending domain’s SPF records.  This enables a business to designate a 3rd party emailer as a valid sender of email.  

SPF Alignment

SPF uses the header of the email to determine Alignment.  An email is considered SPF Aligned when the domain in the “From:” address of the email is the same as the domain in the Return-Path field of the header or with a domain that is Authenticated with the valid list of senders in the SPF record.

MxToolbox SPF Pass Rates

MxToolbox has two metrics useful for understanding SPF Compliance: SPF Authentication Rates for Aligned Domains and SPF Pass Rates for Verified Sources.  These metrics enable you to report upon and analyze your email providers for areas to improve upon.

SPF Authentication Rates for Aligned Domains

As part of our SPF management processes, MxToolbox Delivery Center gathers a list of valid return path domains and subdomains and analyzes the amount of email from these SPF Aligned domains that is properly SPF Authenticated.   Email that is Aligned but not properly Authenticated indicates that one or more email senders are missing from your SPF records, or that your SPF records are too large and violate SPF include rules.  You will need to add the missing senders to your SPF record or use an SPF Flattening tool.

SPF Pass Rates for Verified Sources

As part of MxToolbox Delivery Center, we automatically detect the sources that are sending email on behalf of your domain. These include your own servers, your corporate Inbox Provider, 3rd party marketing tools, CRMs, etc.  Verified Sources should be in your SPF records, meaning they should be Authenticated. 

Our second analysis looks at the SPF Alignment rates for each of these Authenticated senders – the SPF Pass Rate.  A low SPF Pass Rate for a sender indicates that the sender’s “From” and “Return-Path” domains are not the same or not contained in your SPF record.  Unknown sources that arise from this analysis could be threats to your brand or rogue senders that need to be added to your SPF records.

There are potentially several reasons for low SPF Pass Rates for Verified Sources:

  • Spoofing – A malicious actor is trying to use your domain to legitimize their spam or malware.
  • Forwarding – Many people use inbox forwarding or mailing lists to manage email distribution or aggregate email. Forwarded email will change the return-path, breaking SPF Alignment.
  • Missing Senders – Someone may have legitimately contracted with a 3rd party emailer and failed to add the full or correct entry to the SPF record. The sender could be SPF Aligned, but not Authenticated.

To fully understand why your SPF Pass Rate for a Verified Source you need to investigate the largest sources of misaligned email, SPF Unaligned Domains. Typically, you will see benign domains like gmail.com, googlemail.com, and other subdomains of legitimate senders. Occasionally, you’ll see large volumes from other sources, which could be benign or fraud. Investigating these can improve your email delivery.

Does DMARC and email deliverability seem too complicated?

MxToolbox Experts are here with a Managed Services approach to your email configuration issues.

Do you know what you don’t know about your email?

As a marketer, I typically know if a prospect opens my email, clicks on a link or buys a product.  All 3rd party email marketing tools provide this information.  But, what happened before the Open?  

Did the email make it to the Inbox?  

Did it get delivered to the Spam or Junk folder?

Does my language, text, grammar or content seem spammy?

Did my email configuration affect my open rates?  

Are my 3rd party senders blacklisted or otherwise hurting me?

Are my prospects complaining about me to their Inbox Providers?

There are many layers protecting inboxes from spam and undesired email. Your business needs a strategy to ensure that your email passes through each layer to reach the recipient.   Your open rates will thank you. 

What can you measure?

Actually, with the right tools, you can get answers to all these questions.  Inbox Providers like Google, Yahoo!, and Office365 wants their inboxes to show relevant email so they provide data via DMARC Reports and Feedback Loops to help legitimate businesses.  Neglecting these key resources is equivalent to driving in traffic without a GPS: you don’t know what traffic incidents or twists and turns are waiting for you.

How does MxToolbox Help?

Inbox Placement

Will your email make the Inbox, Junk folder, Spam folder or fail to get delivered?

Inbox Placement allows you to test prospective campaigns with the most common Inbox Providers – Google, Yahoo! and Office365.com.  We’ll tell you if the email is delivered and to what folder.  We’ll even analyze the contents of your email to give you MxTips(™) to improve your inbox placement.  Some simple tweaks to verbiage or construction can often improve Inbox Placement tremendously.  

DMARC Reporting

Is your email configuration affecting your email delivery?  Are all your emails SPF, DKIM and DMARC compliant?  

To optimize your email delivery, and get your message heard, you need to constantly analyze and manage your email configuration.  Inbox Providers will send out DMARC digests giving you data on your SPF, DKIM and DMARC pass rates.  With this data, you can determine if you have senders missing from your SPF records, DKIM issues, or potential risks from fraud and spoofing.  MxToolbox Delivery Center gives you all the tools you need to take DMARC data and turn it into actionable email delivery insight.

Feedback Loops

Did a recipient complain about receiving your email to their Inbox Provider?  Did the recipient mark it as unsubscribed with the Inbox Provider?  Was the email address invalid or shut down?

Many Inbox Providers offer feedback loops or complaint mechanisms to validated emailers.  Once configured, you can get information on email addresses and campaigns and how recipients view your emails.  Analyze your recipient complaints, remove complainers, unsubscribers, and closed email boxes to massively improve your email delivery. MxToolbox Delivery Center allows you to configure and aggregate complaints across Inbox Providers to get insight into how your campaigns are perceived by recipients.

Adaptive Blacklist Monitoring

Are your 3rd party ESPs blacklisted and harming your email delivery?

Due to the nature of their business, 3rd party emailers will always have a few IP addresses blacklisted and it is probable that some portion of your email will be sent from a blacklisted IP address.  This only becomes an issue when a significant amount of your email from that provider is sent from blacklisted IP addresses.  MxToolbox Delivery Center included Adaptive Blacklist monitoring to detect, via DMARC, the IP addresses being used to send your email and analyze the blacklist status of the IP when the email was sent.  You’ll know if your 3rd party ESP is helping or harming your email delivery.  

Are Blacklists still relevant?

Blacklists were developed as a way to mark IP addresses used to send spam, IP addresses at risk of sending spam due to poor configuration or domains used in spam emails.  Blacklists would be consulted by an inbox owner when making email delivery decisions and should not be used to modify web traffic.  

The Arms Race

Early on spammers could set up an email server on any network and send unsolicited email to whatever email addresses they could scrape off the Internet.  Inbox Providers and other Companies then set up lists of IP addresses that were sending spam and shared them with each other – the first blocklist/blacklists came from these casually developed lists.  Eventually, blacklist providers emerged as a profitable business model and even developed traps to harvest the IP addresses of spammers without impacting actual users.  Blacklists became highly useful to block malicious email from a single email-sending IP address or small network.

Spammers could see the inevitable downturn in their scams and quickly changed IP addresses to resume sending spam.  Blacklists detected the new spam IP address, listed it and Inbox Providers blocked email from it.  This cycle continued.  Some Blacklists started listing entire networks and Internet Service Providers to stop them facilitating spam.  The downside is that legitimate senders can get caught in this cycle, but often have trouble changing IP addresses.  Delisting is available but sometimes time-consuming which delays or degrades regular business operations.  

Legitimate Email Marketing Can Be Blocked

Email marketing became a necessity to get a business growing on the Internet.  Setting up a mail server, maintaining it and keeping it off of a blacklist with any sort of email volume was difficult for smaller businesses.  Large companies could easily afford a big pool of IP addresses and several mail servers to shift load around. Entrepreneurs stepped in and created email marketing/email blasting companies to fill the gap. Email marketing firms took on the risk of blacklisting and the responsibility of moving the load around, as well as getting the IP addresses delisted in a timely manner.  But, which emailers were legitimate and which were spammers?   SPF, Sender Policy Framework, allowed businesses to designate an email marketing company as a legitimate partner.

New Technologies Emerge

Inbox Providers then changed the game, scanning for SPF to ensure legitimate outsourcing.  Most companies will not process an email if it does not pass SPF Authentication or SPF Alignment.  The next step was checking digital signatures using DKIM and tying it all together with DMARC.  This created a big bar to jump for many spammers, but also businesses.  An email needs to pass SPF or DKIM checks to be DMARC compliant and a sender needs to actively manage email configurations to get an email delivered.  A comprehensive email delivery tool like MxToolbox Delivery Center has become a necessity for understanding DMARC reports, managing configurations and maintaining good email delivery.

Spammers are beginning to adapt by hacking legitimate business email accounts or adopting SPF, DKIM and DMARC for their look-alike spam domains.  Unfortunately, small businesses are still lagging behind and their email delivery is suffering. SPF, DKIM and DMARC have become the minimum for good email delivery,  

So, are Blacklists Still Relevant?

Blacklists are less important than they were in the past.  You should think of email security as layers on an onion:

  • Blacklists
  • SPF
  • DKIM
  • DMARC
  • Internal Filters
  • Relevance Filters

If being on a blacklist is affecting your business, your email isn’t even making the first layer of security and you’ve failed to take advantage of all the tools you have available to manage your email deliverability.  Being blacklisted is like a heart attack, it’s a sign that you need to rethink everything, change your email practices and adapt to the new technology landscape.

Ultimately, blacklists may only be useful for on-premise email hosts and will lose some relevance, especially for Inbox Providers like Google, Yahoo! and Office365. Blacklists are brute-force and can eliminate legitimate, relevant email when blocking spam. There are many more layers to jump through before you get to the Inbox that are easier for Inbox Providers to maintain and more effective at blocking undesired email and passing legitimate useful communications.  All businesses need to adopt the current email best practices: 3rd party email senders, setting up SPF, DKIM, DMARC, leveraging DMARC Reporting, etc.  

How can MxToolbox help?

Get started with Inbox Placement!  Your goal is to get to the Inbox, so start there.  We’ll analyze your email configuration and content to give you clear reasons why your campaigns aren’t making it and make recommendations to help you get there. MxToolbox Delivery Center also provides deep insight into DMARC, SPF and DKIM configurations and allows you to obtain feedback on recipient complaints, DMARC reports and emerging email threats.  Get comprehensive insight into your email delivery with Delivery Center.

DKIM is no longer optional

DKIM has been around for more than a decade but was not widely used until the DMARC standard added DKIM alignment and authentication as one of it’s passing criteria. Even now, many of our customers are telling us that DKIM is difficult to implement and they view is as less important than a proper SPF configuration. However, a new trend is making DKIM an absolute email delivery requirement.

What is DKIM?

DKIM is a technology that allows email senders to cryptographically sign their outbound email. This signature can then be verified by the recipient as proof that the email was legitimately from the domain signing it and that the message was not altered during transit to the recipient system. You can learn more about DKIM on our blog.

How does DKIM work with DMARC?

For an email to be DMARC compliant (and therefore more likely to be accepted and make it to the Inbox), an email must either pass SPF checks or DKIM alignment and authentication checks. This allowed for some edge cases, for example: an email could fail SPF because the sending IP address was new or because Marketing adopted a new 3rd party email sender that was not in the SPF record, but if DKIM was properly implemented, it would still be DMARC compliant. Similarly, if DKIM was missing or if a forwarder had broken the DKIM signatures, then the email could be DMARC compliant if it passed SPF checks. When DMARC was still in the adoption phase, these allowances for edge cases made sense and are still part of the standard.

How did DKIM become necessary?

While the DMARC standard specifies a minimum threshold for compliance, Inbox Providers and businesses can set higher thresholds to protect their users. Our Experts are now seeing Inbox Providers and many large businesses require DKIM compliance as part of their inbound email vetting processes. Basically, if your email does not pass both SPF and DKIM compliance checks, you may not make the inbox.

Get DKIM compliant as soon as possible! The only downside is the cost of initial setup but the long-term (and potentially immediate) benefit of DKIM compliance means that you are more likely to get delivered and make the inbox.

How can MxToolbox help?

Our Experts are here to get you SPF, DKIM and DMARC compliant and help you manage the on-going maintenance that keeps your email delivery in peak form. MxToolbox Delivery Center has tools to get you DMARC compliant, test Inbox Placement and react to Recipient Complaints. Or leverage our expert team with Managed Email Services.

The Days of Unsolicited Email are Over

What is Unsolicited Email?

Sending email to any email address with which your company does not have a direct relationship is considered Unsolicited. Unsolicited email has also been called “spam” but we prefer to reserve that term for email that has a malicious component. Legitimate businesses may send an unsolicited email without it being nefarious. To get an email address legitimately, your company, domain, marketing team must have direct contact with the owner of the address.

Who is still sending Unsolicited Email?

Amazingly, many legitimate businesses are still sending unsolicited emails and some of them are quite dependent on it. While marketing best practice is to only use email addresses that have been double opted into receiving email, it is still very easy to purchase lists from events, 3rd parties, list scrapers and “related businesses”. One favored tactic is to bury the right to give the “company or its partners” the right to use an email address in the Terms and Conditions of the website or application. Most of the time, this is a legal way of ensuring that it is acceptable to send email using an email marketing service on behalf of the domain, but it can also be legal padding for reselling the email address.

It is very tempting for small or startup businesses to purchase “seed lists” to get started on their email. This is now highly risky for your brand.

What is killing it?

Inbox Providers, like Google, Yahoo and Outlook/Office365 are in a constant battle to not only eliminate malicious emails like spam, phishing attempts and malware from the inbox, but also improve email relevance.

Email is relevant when:

  1. The recipient opted to receive email from the sending domain.
  2. The user does not mark the email as spam or more it to the spam folder.
  3. The user opens the email (typically because the subject line or sending domain is interesting).
  4. The user clicks on a link in the email (typically because the content of the email is interesting).
  5. The user moves the email from the Spam Folder to the Inbox.

Inbox Providers are now aggregating statistics for email sending domains across all their hosted inboxes. This means behavior in one inbox affects your email delivery to other inboxes at the same Inbox Provider. Inbox Providers cannot measure #1, but they can, and do, measure the other parameters. High rates of being marked as spam, low open rates and low click-through rates are huge indicators that the email is unsolicited. Over time, domains that send large amounts of irrelevant, unsolicited email will be dumped in the spam folder. This type of Domain Burnout can be fatal for a domain.

How can MxToolbox help?

If you have burned out your sending domain, we can help you setup a new domain, but realize, unless you change your email practices, this will happen again. DMARC, and a DMARC management tool like MxToolbox Delivery Center will help your sending domain achieve the best possible email delivery. In addition, our Inbox Placement feature will tell you if your campaigns are being dumped into the spam folder or making it to the Inbox and which Inbox Provider you are having trouble sending to.