Author Archives: stephenmxtoolbox

Getting to the Inbox

The Inbox is The Target for email marketers. If the email doesn’t make the Inbox, then no one can open it or click on all our wonderful pitches. Getting dumped in the Spam or Junk folder can be a death sentence for your email marketing. There is a taint of suspicion to legitimate email that ends up in Junk or Spam folders. Is the email real or an exceptionally good phishing attempt? Is the sender spammy and not to be trusted? It leaves unanswered questions to your recipients.

Best Practices for making the Inbox

To achieve Inbox Placement, you need to develop an email marketing strategy based upon relevance, supplemented by good technology. The days of scatter shot email are gone. Emails must be tailored…

  • Target your Marketing to a Specific Persona – Know who you are communicating with. Too often email is used to attempt engaging a broad audience and fails miserably.
  • Have a Clear Objective – What is your goal? Engagement, a sale, a return to the shopping cart, the store, the site, a whitepaper, etc.?
  • Use Engaging Subject Lines – Do not be generic. Avoid “we have a sale” unless you are targeting bargain shoppers.
  • Make the Content Relevant and Interesting – How many emails do you receive every day that are completely irrelevant to your business or your interests? Those go in the trash right? (We call that Stealth Unsubscribing) Write content that resonates with the interests of your target persona.
  • Be Brief – Rather than have a laundry list of things to discuss, make it simple, direct and brief. Add too much and it reduces engagement.
  • Make Clear Calls to Action – Clearly ask for the click, the sale, the download, etc. Whatever your metric, make it clear.
  • Limit Your Linking – A few links are good to drive traffic to your website. Add too many links and you become confusing. Which is the most important? If there is really ONE objective, why do you have 20 links? This is just another scattershot approach.
  • Be DMARC Compliant – DMARC compliance allows you to demonstrate clear ownership of your emails and provides a level of trust for recipients. Inbox Providers are increasingly wary of non-compliant email and favoring compliance. To have the best chance to make the Inbox, your email must be DMARC compliant.

Why do “soft” factors matter as much as technology?

Relevance keeps the recipient from ignoring your email, marking you as spam, deleting your email without reading it or unsubscribing. Inbox Providers are now factoring in behavior across their inboxes for future email delivery decisions. A boring, irrelevant email might just be the last one that makes the inbox.

How can MxToolbox Help?

We provide free tools and paid to help you with email delivery. Most people start with our free Blacklist lookup tool to see if their sending domain or IP addresses are on a blacklist. While Blacklisting can prevent your email from making it to the inbox, it is no longer the most important factor. Two other tools have become important to Inbox Placement.

DMARC Compliance

To make the inbox, not only do your marketing campaigns need to be DMARC compliant, but all your email must be DMARC compliant regardless of source or volume. To achieve DMARC compliance for your email domain, you need a solid DMARC Reporting tool, like MxToolbox Delivery Center, and regular monitoring and management of your DMARC compliance.

Inbox Placement Analysis

Our Inbox Placement feature allows you to send a test email or campaign to us. We determine if the email will make the inbox at major Inbox Providers like Google, Yahoo! and Outlook.com/Office365. We also analyze important technology and soft factors like:

  • DMARC Compliance
  • Broken or copious links
  • Wordiness
  • Broken or too many images
  • Spammy verbiage
  • Other indicators of spam

Fortunately, Inbox Placement is a feature of all Delivery Center plans, so you can test your marketing emails and improve your DMARC compliance all in one place.

Does DMARC and email deliverability seem too complicated?

MxToolbox Experts are here with a Managed Services approach to your email configuration issues.

The Myth of Free Email Marketing

For the last 20 years, email marketing has been considered “free” marketing. The monetary costs to send an individual email have been negligible: once an email address is legally obtained, your marketing team can send all sorts of emails to that address with the only costs being the creative assets, the pitch and the price of the email marketing tool. With the main expense being the cost of getting the email address legitimately, you could try every pitch in your playbook until something sticks, right?

Unfortunately, recipients and inbox providers are looking for relevant, engaging content. Hammering away at any random pitch is now jokingly referred to as “spamming”. Let’s look at some of the costs and issues MxToolbox Experts see on a daily basis with our customers.

Note: DMARC compliance has ZERO influence on any of these issues. Being DMARC compliant and using a DMARC reporting service like MxToolbox Delivery Center is a minimum for email delivery. This article is about best (and worst) practices in email marketing.

Email Fatigue

Simply put – sending too many irrelevant emails to the same people until they are bored and tired of it. Eventually, they will unsubscribe or mark you as spam. At that point, you are done with that recipient.

For example: We worked with a company where every Product team wanted to target the CEO as a key decision maker. The customer sent weekly campaigns for each of their five products, so essentially a daily drip to the most important client. How long was it before the targets unsubscribed? (By the way, don’t expect C-level people to read non-targeted, non-customized email.)

The cost of email fatigue is an unsubscribe, a lost ear/eye for your products that could be relevant to the recipient. If you think you have something relevant to say, shouldn’t you say it first? Don’t use a shotgun approach, try a single, targeted shot.

Brand Erosion

Similar to email fatigue, recipients get tired of seeing emails that do not reflect their interaction with the brand. Typically, these are poorly targeted emails, emails off brand or offensive. Over time they stop doing business with your brand entirely.

Every week, I receive at least five emails from a major US retailer. Most of the email is “we have a sale!!!”, but it is completely generic and requires me to click on one of thirty links to do a search on their site to see if there is anything that interests me. I don’t. Why don’t they use their extensive history of my purchases to highlight at least one sale item I might buy? Why don’t they use my age and location to suggest purchases? It’s lazy and poor marketing and makes me concerned for the long-term of that company.

The cost of brand erosion is complete turn-off to the brand. This can lead past casual boycott to negative promotion to others.

Stealth Unsubscribers

When a recipient unsubscribes, it’s a clear signal that they no longer want marketing emails from you. However, users often unsubscribe by stealth – basically ignoring your messages by deleting them or marking them as read. This is a sign of email fatigue or brand erosion, but it’s subtle and you have lost connection to a potential buyer. They don’t hate you enough to unsubscribe, but, no longer pay attention to you.

By looking at open rates for individuals, you can see those that have tuned you out. Pull them from your lists for a while or revisit your campaign settings to find relevant content to reengage them.

Domain Burnout

Recently, MxToolbox has seen a spike in customers complaining that all their email is marked as spam. This is a symptom of Domain Burnout and can be for one or multiple inbox providers. Unfortunately, this domain is now tainted and may become permanently banned, unless corrected quickly.

In an attempt to make email relevant to their users, Inbox Providers developed algorithms that look at email volume by sending domain and the volume of email marked as spam. At a certain ratio, an entire email campaign is considered spam. Overtime, if this continues, the entire domain will be considered a source of spam and dumped in the spam folder.

We typically see this with domains that send large volumes of unsolicited email. However, as Inbox Providers clamp down on spam, we feel this is a significant risk for all small and medium sized businesses. Whether you are buying lists to get your business started or using old lists, care must be taken to limit the amount of email sent to suspect lists. Sending large amounts of unsolicited, or semi-consensual email will impact your domain’s reputation.

MxToolbox Expert Take

Email is not a free commodity. Every email address you receive has value and should be treated with respect. Mistreatment of an email address leads to poor email delivery and negative consequences for your brand. Take care to target your marketing, be careful with the volume, make your copy relevant and be mindful of the age of your email addresses. Remember for B2B contacts, people change jobs every 3-5 years.

Your email configuration should always be carefully configured and controlled. SPF, DKIM and DMARC are minimum requirements for email delivery. Use a DMARC reporting service like MxToolbox Delivery Center to ensure peak email deliverability. And, read our Blog to keep up to date with email trends.

Is BIMI Dead?

When Google, Yahoo and Apple announced their email applications would support BIMI, it appeared that BIMI was ready to become an important standard in email marketing. Think about it: Your precious logo directly attached to every email you send, right there in the subject line. You get instant brand recognition and, thanks to the DMARC requirement, trust.

But, BIMI adoption is hitting some serious speed bumps…

What’s going wrong?

BIMI has two major technical issues and one misconception contributing to slow adoption by businesses. Let’s start with the misconception.

BIMI Requires Strict DMARC policies

In order for an email to even be considered for BIMI, the sending domain must have implemented DMARC, must send DMARC compliant email and must configure their DMARC policy to 100% Reject or Quarantine. The major misconception we hear from our customers is: “Strict policies might stop some legitimate email from getting to the recipient”.

There is some truth to this, so, let’s break it down:

  • Email that is not DMARC compliant is inherently assumed to be suspect by the Inbox Provider.
  • Email that is DMARC compliant has a higher trust level.
  • Strict DMARC Policies instruct the Inbox Provider to stop non-compliant email.
  • Inbox Providers may choose to ignore or accept DMARC policies, but most incorporate them into their inbox placement algorithms.

Regardless of your DMARC policy, non-compliant email will be suspect, however, with a stricter policy ALL your compliant email will have a higher trust level. Going to a strict DMARC policy is better for your email delivery. You can fix a temporary compliance issue, earning trust is hard.

MxToolbox Delivery Center was designed to help keep all of your legitimate email DMARC compliant and quickly alert you to areas of non-compliance to keep your email deliverability at the highest level.

Getting a BIMI-Compliant Logo can be Difficult

The BIMI standard requires a square logo that reflects the brand of the domain, formatted in SVG, that meets very specific requirements and often requires “a few manual tweaks”. For most of our clients attempting to adopt BIMI, MxToolbox has found that getting a BIMI-compliant logo to be time-consuming and difficult. Until this process is simpler, companies will struggle to adopt BIMI.

Most BIMI Inbox Providers Require a Certificate

The BIMI Group originally made BIMI completely open on the assumption that achieving DMARC-compliance with strict policies was sufficiently difficult to prevent spoofing. However, spammers and fraudsters are quite savvy and capable of adapting quickly. For example, grab a BIMI logo from a legitimate company like Bank of America, setup a fake domain like BanofAmerica.net with SPF, DKIM, DMARC and BIMI and start spamming. It looks legitimate enough to fool the average spamming target and leverages a known brand’s legitimate logo.

To combat this potential loophole, BIMI Inbox Providers are requiring an evidence document called a Verified Mark Certificate (VMC) issued by a 3rd-party authority like DigiCert or Entrust Datacard. These authorities investigate your domain and issue a credential that certifies your DMARC and BIMI setup and issues a certification specific to your domain. This is similar to having a Secure Certificate for SSL/HTTPS.

The speed bump for BIMI adoption is that there are only two VMC issuers at present and the cost is $1100-$1500 per year, per domain. While this is negligible for big, well-known brands, smaller companies or companies with multiple domains may be priced out of the market further reducing the potential of BIMI.

The MxToolbox Expert Take

BIMI has become a bit of a moving target that makes it difficult to recommend at present. While our team of experts stands by to help you adopt SPF, DKIM, DMARC and BIMI, we no longer see BIMI as being essential or urgent until the standard stabilizes and/or the costs decrease.

Adopting DMARC and getting DMARC to a strict policy is imperative for good email delivery and adopting BIMI. Get started today with MxToolbox Delivery Center

Apple to Support BIMI in Native Mail Applications

Apple Mail recently announced BIMI adoption within its email applications in iOS 16 and MacOS Ventura. In September. Apple will become the most recent email client to support BIMI.

Why adopt BIMI?

BIMI gives email recipients more confidence in messages they receive and helps them avoid fraudulent emails by forcing senders to utilize new technologies to make email more secure.

BIMI gives marketers and businesses enhanced branding opportunities by attaching the company’s logo to verified messages in the inbox as a reward for adopting DMARC email security technologies. Your customers will trust your correspondence more and your brand will be enhanced.

What is BIMI?

BIMI, or Brand Indicators for Message Identification, is a DNS-based email technology that allows a company to specify a logo for inbox providers to display in an email client. Email providers, such as Gmail, Yahoo Mail, and now Apple Mail, can show this logo to their users in the subject line of certified messages from the sending company. If you receive a legitimate email from Yahoo!, for example, this logo will appear:

How do I get BIMI?

BIMI requires DMARC. Before you can get your logo displayed in Apple Mail’s inbox, you need to get your email fully DMARC compliant, then apply strict DMARC policies. Becoming DMARC compliant is a process, but it is very beneficial and strongly recommended. You need to know who is sending email on your behalf, ensure they are properly configured with both SPF and DKIM, and regularly monitor DMARC delivery reports to understand DMARC compliance.

Once your verified email sources are fully DMARC compliant, you can start enforcing stricter “Quarantine” or “Reject” policies with your DMARC configuration. Inbox Providers like Yahoo!, Google and now Apple Mail will only attach a BIMI logo to your email if the email is DMARC compliant and you have a “100% Reject policy”.

Need Help with BIMI and DMARC?

Checkout your BIMI configuration

Our free BIMI Lookup tool searches for a BIMI record for any submitted domain name. If a record is found, it is shown in detail after a series of diagnostic checks are performed against the record. For example, below are the results for chase.com.

Get DMARC Compatible!

To maintain the highest levels of email deliverability using DMARC, businesses like yours need a proven Email Delivery management system, such as MxToolbox Delivery Center. Our Delivery Center provides valuable insight into your email delivery status and the continual maintenance necessary to sustain peak performance, including:

  • Manage SPF, DKIM, DMARC, and BIMI to improve compliance and reduce the threat of fraudsters and phishing campaigns using your domain.
  • Review daily volume and SPF, DKIM, and DMARC compliance rates to ensure the best email deliverability.
  • Implement Feedback Loops (FBLs) to gain unique data on how your recipients view your emails and when they mark them as spam.
  • Gradually move your DMARC policy to “Reject” to enable better inbox placement opportunities and reduce the risk of phishing and fraud using your domain.
  • Manage the ongoing requirements of maintaining optimal levels of email deliverability and security.

Want more assistance? MxToolbox has a Managed Services offering to get you DMARC compliant and maintain the highest levels of email delivery.

Monitoring Complaints to Improve Email Reputation

As marketers, we all use some sort of marketing list for our email campaigns. These are typically opt-in prospects or existing customers. Sometimes we acquire lists from 3rd parties or put a case study or some other thought leadership behind a registration wall to obtain new marketing contacts. Regardless of where we acquire the email address, it has a certain value to us. But does the correspondence have value to the recipient? If not, it can affect your long-term sending reputation.

CAN SPAM

Before the CAN SPAM Act, end-users were inundated with junk email. This forced Inbox Providers like Google, Yahoo!, Hotmail and others to implement Junk and Spam filters to keep email at least somewhat relevant for their users. With the Act, marketers were now made responsible for policing their lists and removing anyone who opted out or unsubscribed. It’s an imperfect solution for several reasons:

  • Bad actors can completely ignore CAN SPAM.
  • Legitimate marketers can get email addresses from many sources, including the user, so the Inbox Provider cannot block unsolicited email.
  • Legitimate emailers can still “spam” a user with large amounts of irrelevant email unless that email user unsubscribes.
  • Unsubscribe methods may be complicated enough that users find it difficult and give up.

For these and many other reasons Inbox Providers have developed their own mechanisms to fight irrelevant email, spam and junk. These analyses can derail even well configured emailing domains.

Proprietary Junk and Spam Algorithms

Google, Yahoo!, Outlook.com/Office365.com, McAfee, Symantec and many other providers of inboxes or email gateway filtering software have come up with many ways to separate the valuable correspondence from the junk, spam and dangerous:

  • Blacklists – If the sending IP is on a blacklist, it’s probably spam. There are dozens of reasons for blacklisting, which includes being flagged as spam somewhere.
  • SPF Authentication – If the sender’s servers aren’t listed in the SPF record for the sending domain, it might be spam.
  • DMARC – If the sending domain fails, SPF checks or DKIM checks, then it might be spam. Our Delivery Center product started out as a DMARC compliance tool.
  • Attachments – Most inbox providers scan attachments for known malware and discard infected messages.
  • Subject Lines – There are certain subject lines typically used in spam and junk. These are easily filtered out.
  • Content – Content quality is an emerging issue for inbox providers. For example, dollar signs “$” or frequent use of FUD phrases might indicate spam. You can find more information about Content with our Inbox Placement tool.
  • User Feedback – Users provider direct and indirect feedback on relevance of a sender.

User Complaint Metrics Affect Email Delivery

Aggregating User Complaints is a great method for Inbox Providers to understand sending domain relevance across all their inboxes and discover emerging threats to their users. For example, your domain sends a legitimate marketing campaign and the Inbox Provider see the following:

  • ~20% of recipients open the email (based on global average open rates, yours may differ)
  • Some open the email and delete it without really reading it, indicating low engagement.
  • Some delete the email without opening, indicating apathy or disinterest.
  • Some mark it as spam or junk and even why they think it’s junk or spam.
  • Some click on your unsubscribe link, which can be tracked.
  • Some unsubscribe through the provider UI.
  • Some go to disused or invalid email addresses.

Do you know what these numbers are for your domain? Inbox providers are rating the deliverability of emails from your domain taking these new factors into account.

What can Marketing Do?

The good news is that Inbox Providers are willing to share your deliverability information with you! Called Complaints or Feedback Loops, Inbox Providers enable legitimate domains to subscribe to the complaints they receive from their users. Complaint detail can be:

  • The number of complaints received.
  • Email subjects that resulted in Unsubscribes, Spam Complaints or were marked as Junk.
  • Email addresses that bounce or were invalid.
  • Email addresses that unsubscribed at the Inbox Provider level.
  • Email addresses that marked emails as Junk or Spam.

Marketing can then:

  • Review campaigns that have a high complaint volume to improve them and make subsequent campaigns better.
  • Remove bounced and invalid email addresses from email lists. They’re wasting money and hurting your sender reputation.
  • Unsubscribe customers from marketing lists if they complained or unsubscribed. These complaints hurt your domain’s sending reputation and impact how your customers view your brand.

MxToolbox Can Help!

Our Delivery Center suite of email delivery tools now includes Recipient Complaints: aggregation, analysis and actionable insight that integrates with the top Inbox Providers’ feedback and complaint loops. Getting each Complaint/Feedback Loop integration setup can complicated, so MxToolbox Experts have created a simple, step-by-step guide for each integration: Yahoo!, Google, Validity, Mailgun, Microsoft and others. Get Started with Delivery Center and start improving your email reputation!

Google’s Recent SMTP Relay Exploit and DMARC Policies

In April, Google began to see an uptick in spoofing attacks that utilized their SMTP Relay system and compromised Google accounts. They have closed the loophole by May, however, at least 30,000 malicious emails were detected in a two-week period. While this is an extremely small chunk of Google’s email traffic, similar exploits can affect other outbound email providers, requiring patches and constant vigilance.

What is the SMTP Relay exploit?

Google has a great reputation as an outbound sender so email coming from their servers is generally accepted. Google allows their customers to leverage that reputation to send bulk or large quantities of email through the SMTP Relay connection. Before the fix, this enabled any Google customer to send email that looked like another Google customer by simply putting their domain in the “From:” field. For example, SmallCompany.com gets hacked by a scammer and begins to send email that looks like GreatBrand.com, a well respected company also hosted at Google.

  • Blacklists – Google rotates sending IP addresses to minimize the affects of blacklists so a blacklist will not generally catch this issue.
  • SPF Authentication – Both SmallCompany.com and GreatBrand.com have Google’s servers in the SPF record, so it passes Authentication. This might be enough to make the inbox.
  • SPF Alignment – The “From:” address says GreatBrand.com. The <ReturnPath> is SmallCompany.com so it fails SPF Alignment.

So, unless the recipients servers are configured to check SPF Alignment, the Spoofing email may make the inbox. Any brand could then be compromised by a hack to another company in the same outbound email provider.

How do you protect your brand from spoofing?

First, you might think to bring all email in-house. This just compounds your risk. Google and other outbound email providers have more security experts and experience than even most large companies can ever hope to bring to bear. A small or medium business should leverage that experience to protect their brand and get their emails delivered.

Second, adopt DMARC and SPF, and DKIM. A properly configured SPF, DKIM and DMARC setup will help prevent spoofing of your brand and give you insight into potential spoofing issues.

Finally, adopt DMARC “Reject” policies. A DMARC “Reject” policy instructs recipient providers to highly scrutinize in-bound email and reject anything that fails SPF Alignment or Authentication. A “reject” policy would immediately fail email that arrived using the recent SMTP Relay exploit.

Why are few companies adopting “Reject” Policies?

If “reject” policies are great, why aren’t companies adopting them immediately? Unfortunately, there is a lot of fear and misunderstanding about “reject” policies. Our Experts receive push-back every day from our clients. Let’s look at a few examples:

“My legitimate email might be rejected”

While it is possible for legitimate email to be rejected, it is far more likely to be accepted if you have a “reject” policy in place. Inbox providers are looking for relevant content from senders with good reputations. By telling setting up DMARC with a “reject” policy you are telling them that you value your reputation. In addition, the “reject” policy is telling them to throw out emails that might harm your reputation.

“I won’t know if a legitimate source comes online”

Maintaining good email delivery means ensuring that all your legitimate email sources are managed actively. Each source should be included in your SPF record to ensure SPF Authentication. While it is possible for a department to bring in a new 3rd party email source without telling you, these vendors will have detailed information about proper SPF configuration as part of their on-boarding process. If it still slips by, then is it really valid email? Could that rogue department be hurting your brand? Regardless, a comprehensive DMARC reporting tool, like MxToolbox Delivery Center, will alert you that a potential Verified Email Source is missing.

“I won’t know if a phishing attack occurs”

The beauty of DMARC is that by publishing a DMARC record with RUA and RUF tags, you are asking for information about the compliance of emails that come “from” your domain. Inbox providers will tell you through an XML email report. Regular reviews of these reports will give you insight into legitimate sources that fail as well as emerging email threats from phishing attacks using your brand. While you can manually parse these XML files, most companies rely on a reporting tool, like MxToolbox Delivery Center, to process and distill these files into actionable insights.

“It seems complicated…”

While it can take some time to verify your outbound email sources, ensure that SPF and DKIM configurations are correct and monitor DMARC reports to ensure that everything is properly tuned, moving to a “reject” policy is not very complicated. MxToolbox Delivery Center uses our experience with DMARC to make recommendations on when to move to a “quarantine” or “reject” policy and how much of your mail to send under that policy.

If you still find it complicated, you can leverage our Expert Managed Services to help you with your configuration.

What do MxToolbox Experts recommend?

Our team of Experts is always evaluating the newest email technologies – DMARC “reject” policies are a necessity to help improve your brand reputation by stopping phishing attacks using your brand. If more brands adopted DMARC “reject” policies, phishing attacks would be greatly reduced. It’s time for all companies to be DMARC compliant – Get Started Today!

It’s time to adopt MTA-STS

Inbox Providers like Google, Yahoo! and Outlook.com are in a constant arms race trying to protect their users from spammers, spoofers and irrelevant content. Since the late 90’s dozens of new technologies have been proposed and adopted, including: Blacklists, TLS Encryption, SPF, DKIM, DMARC, BIMI and, now, MTA-STS. With the continued progression of MTA-STS, it is now time for all domains to adopt the technology to secure inbound email and reduce the threat of spam.

What is MTA-STS?

MTA-STS is an update to TLS Encryption that allows an Inbox Provider to specify a list of secure servers to receive email and mandates a secure TLS connection to these servers. Insecure connections will not be accepted. This corrects a few of the short-comings of TLS alone: Expired TLS Security Certificates, Man-in-the-Middle Attacks and attacks that downgrade to no encryption.

How does MTA-STS Work?

When a sender wants to connect to an inbox provider or domain’s email servers to deliver email, they first query the MTA-STS DNS entry which contains the location of a policy file. The policy file is accessed via HTTPs and contains information about the correct servers to use, which must match the MX records exactly, the TLS encryption requirements, the MTA-STS policy mode and the maximum length to cache this information. Senders then encrypt communication with the servers and transmit the email.

Since the sender is required to verify the connection and it is encrypted to known servers, the sender has a slightly higher level of trust. Any sender that fails this mini test can be considered a threat.

What does MxToolbox recommend?

MxToolbox recommends that all companies setup MTA-STS for their receiving domains to inform senders that their email servers and providers accept secure message delivery using SMTP over TLS and also require that email should not be delivered using an insecure SMTP connection. When MTA-STS is enabled for your receiving domain, it requests external servers to send messages to your domain only when the SMTP connection is authenticated with a valid public certificate AND encrypted with TLS 1.2 or higher. This is a higher level of security for incoming email and should reduce spam to your domain.

In addition, you should ensure that all your domain’s email senders support MTA-STS. This includes your email server software, email marketing, and any other potential email senders: CRM, Order Management, Support, etc. Once you select a provider’s MTA-STS policy, messages sent from your domain to external servers will also comply with the standard and improve delivery.

Test Your MTA-SLS setup with MxToolbox

To help all our users get a head start with MTA-STS, we’ve created a free lookup tool as part of our SuperTool. Check your MTA-STS policy setup as well as any email sender!

Check My MTA-STS

Does your email make it to the Inbox?

Inbox Providers are constantly adapting their algorithms to detect and eliminate spam while simultaneously elevating wanted email. This arms race puts Email Marketing at a disadvantage – we typically only receive a few data points:

  • # of Sent Emails
  • # of Emails Opened
  • # of Click-Throughs

While these leading indicators of sales are very valuable, they miss out on two key details:

  • Was the email delivered at all?
  • Was the email delivered to the Inbox or Spam/Junk Folder?

If you can’t answer those questions, then you may be missing out on simple methods to improve sales! Every email that fails to make the inbox is a conversation that did not happen!

MxToolbox Inbox Placement

The newest feature of MxToolbox Delivery Center provides you with direct insight into the inbox placement of your newsletters and campaigns at major inbox providers like Google, Yahoo! and Outlook.com. In addition, MxToolbox will analyze the each email for potential issues with content, format, sending configuration, etc that will impact email delivery. Learn More

How does it work?

MxToolbox Inbox Placement works in two ways:

  • Send a Test Email to our list of email boxes when creating new campaigns to see how they might perform. Refine your campaign to get better performance.
  • Include our email list in your newsletter and campaign lists to gain insight into how they perform in real-time.

Our tool aggregates campaigns/newsletters by subject and sending date, analyzes the contents and provides a clear, concise report of placement (Inbox, Junk/Spam, Not Delivered) and potential reasons for lower placement. Learn More

How do you get Inbox Placement?

Simply subscribe to MxToolbox Delivery Center to begin analyzing your Inbox Placement!

The Flavors of Successfully Delivered Email

Email delivery is a complicated thing. There are multiple layers of technology protecting an inbox at modern inbox providers like Google, Yahoo! and Outlook.com. For example:

  • Blacklists are used to identify IP addresses that have spammed or otherwise should not be trusted
  • SPF identifies legitimate sending IP addresses for a domain
  • DKIM allows a domain to sign email to ensure the integrity of the email
  • DMARC enables a sending domain to get feedback from Inbox Providers on SPF and DKIM compliance
  • Inbox Providers maintain internal Unsubscribe Lists
  • Inbox Providers maintains internal Spam Lists
  • Inbox Providers run proprietary Spam Content Analyses
  • Inbox Providers monitor engagement with emails from a domain

Email Delivery Standards

Technically Delivered

In the email world, a message is considered successfully delivered when the recipient can access the email. The email could be delivered to any subfolder for example:

  • Junk
  • Spam
  • Quarantine
  • Bulk
  • Promotions
  • Customer configured Filter or Subfolder

While this does not seem optimal to the recipient or sender, the email is accessible, just not in the main Inbox.

Undelivered email is completely inaccessible to the recipient. An email could be undelivered for multiple reasons, depending on how the Inbox Provider’s algorithms work:

  • The sending IP was blacklisted so the system declared the email Spam and rejected it.
  • The Sending IP was not listed in the Sending Domain’s SPF record. This is either a misconfiguration or a sign of a deliberate spoofing attempt.
  • The DKIM signature does not align with the Sender’s signature.
  • The recipient mailbox is full
  • The recipient mailbox does not exists

Marketing Delivery Success

Marketers only see email delivery as getting the email to the recipient’s Inbox. That makes sense as their mission is only accomplished when the email is Opened, Read and relevant links Clicked.

Obviously, there’s a bit of a disconnect between how IT sees delivery and how Marketing sees delivery. Both are correct for their purposes. They are simply not speaking the same language.

MxToolbox Helps you Reach the Inbox!

MxToolbox has long developed tools and services around Mailbox Delivery. Our early Delivery Center service focused on the primary technologies supporting email delivery: Blacklisting, SPF, DKIM and DMARC. Our newest features of Delivery Center change this focus to help the Marketer reach the Inbox.

Complaints

Inbox Providers often have a list of complaints leveraged by their users against Senders. Some even allow access to these complaints, which often include email reported as spam, dead email inboxes, full inboxes and even unsubscribes done only through the Inbox Provider. Delivery Center now includes a feature to integrate and aggregate complaints and make them visible and actionable for you to improve your sending reputation with Inbox Providers. Lowering your complaints goes a long way toward making your email deliverable to the Inbox. Learn more about Complaints.

Inbox Placement

Ultimately, Marketing looks at metrics like Open Rates, Click-through Rates and Purchases to judge an email campaigns strength. However, these indicators lag something more important: Placement in the Inbox. Delivery Center now contains a tools that enables you to test the inbox placement of an email campaign both before sending it to your customers and simultaneously with the bulk emailing. Inbox Placement works across the large Inbox Providers like Google, Yahoo and Outlook.com. Learn more about Inbox Placement.

Two-Factor Authentication and Security

Security is important for any system you use, but doubly important for communications systems like email. Think about what you store in your inbox:

  • A history of all communications with important clients, friends and family
  • Irreplaceable documents
  • User ID for other accounts
  • Purchase histories at online retailers

There are probably many more things in there that you don’t want anyone else to access. It is therefore important that your email provider take precautions to safe guard your email.

Good Password Technique

Protecting valuable, private data requires good password discipline. MxToolbox has a few suggestions for passwords to improve security:

  • Do not make the password a “word” or derived from a word – The more random characters, the harder it will be for a password dictionary to crack it through guesswork
  • Do not reuse passwords – Unfortunately, site breaches and bad password file controls have exposed millions of passwords. If you reuse a password that was exposed, you are just asking for a hacker to gain access to your account.
  • Use a Random Password Generator – The more random a password, the harder it is to crack. MxToolbox has offered a free, untracked random password generator for several years.
  • Use a Password Vault – A password vault stores all of your passwords in an encrypted state that only requires a single password to access. It’s easier to remember a single, long password so a password vault takes the load of all those lengthy, random passwords for you.
  • Use Two-Factor Authentication where available

What is Two-Factor Authentication (2FA)?

Passwords are simply insufficient to protect important information. A simple password can be guessed, a password file could leak, etc. Many online companies are implementing Two-Factor Authentication to provide an additional layer of protection to sensitive information. Two-Factor Authentication, or 2FA requires a password and a code or token sent to a trusted device.

Two-Factor Authentication is common for Apple, Google and many other major website users. For example, an Apple user would see a warning on their iPhone about a sign-in to their iCloud account on an iPad or Apple computer and require using that code on the account. Google uses a similar approach through a Google Authenticator app on your phone or device. Other websites will send a text message with an authentication code that you input into the site to verify your login attempt. Regardless of the implementation, 2FA helps to ensure that the login attempt is valid by requiring access to a trusted device meaning that a hacker would have to have both the login and the device to gain access to the account.

MxToolbox Offers 2FA

MxToolbox has implemented Two-Factor Authentication across all our services. Email is the life blood of many organizations and we feel that it is important to protect our customers from potential breaches that might expose sensitive information. We highly recommend that every customer turn on 2FA for their account.

How to configure 2FA at MxToolbox

  1. Log in to your account.
  2. Click “username@mxtoolbox.com” in top right corner for dropdown menu.
  3. Click “Settings” option directly below username.
  4. Click “2 Step Verification” tab (fourth tab in header).
  5. After reading the explanation, choose either Software Token (recommended), Test Message, or Disabled and follow the instructions specific to your preference.
  6. If you see Status: Enabled to the far right of the Two-Factor Authentication (2FA) heading, you have completed MxToolbox’s 2FA process.

By utilizing 2FA, a potential compromise of just one of the two factors will not unlock your MxToolbox account. So, even if your password is stolen or your phone is lost, the chances of someone else having your second-factor information is highly unlikely. If you utilize 2FA correctly, websites and apps can be more confident of your identity and allow you secure access to accounts.