Author Archives: stephenmxtoolbox

Blacklisted? Get DMARC

Blacklisting is the oldest form of spam protection.  Inbox Providers keep a list of IP addresses and domains that recently sent spam and block them from the inbox.   Blacklisting eventually evolved to include 3rd parties maintaining and selling blacklists derived from spam traps, honey pots, and lists gathered from multiple inbox providers.  As an email sender, being blacklisted is a sign that you are not adequately managing your email delivery posture.  But, blacklisting is not the only way Inbox Providers protect their users from spam.  Increasingly, Inbox Providers are using technologies like SPF, DKIM and DMARC to make inbox delivery decisions.

DMARC Helps Prevent Blacklisting

Your IP addresses and Domain can be blacklisted for many reasons:

  • Spam appears to be coming from your IP addresses or Domain
  • Sending too much email from a single IP address
  • Sending email from an IP address that also sends spam
  • Email recipients marking too much email from your Domain as spam
  • Improper Forwarding
  • Domain included in Fraud and Phishing emails
  • Using spammy wording in your email content

With the right DMARC setup, you can almost completely block spammers from spoofing your domain, or using it in spam, fraud and phishing emails.  Adopting DMARC would then eliminate three reasons why your Domain could be blacklisted, dramatically improving your email delivery posture and helping you get your business message to your intended audience.

DMARC Might be More Important than Blacklisting

Blacklisting was once the first line of defense.  Now, Inbox Providers are increasingly using more complex algorithms to determine the quality of the email they deliver to inboxes.  These algorithms weigh content, blacklisting, DMARC and other factors to determine placement in the Inbox, Junk/Bulk/Spam Folder or simply dump the email entirely.  In the new algorithms, DMARC configuration might weigh more heavily than Blacklisting.  

Since DMARC depends upon two other technologies, SPF and DKIM, DMARC setup requires more time and attention to setup.  This means your team cares about email delivery management and is more active in the management process.  Inbox providers like Gmail, Yahoo! and have begun to prioritize DMARC compliant email.

Blacklists are simple and fallible.  A legitimate email can put a company on a blacklist if it falls into a honey pot or gets reported as spam by enough email recipients.   In addition, many companies use 3rd party emailers with large IP address blocks.  These mass emailers rotate through the IP addresses when sending email for all their clients.  Not only could your email be sent from the same IP address as many other businesses, but that IP address could be blacklisted because of the other companies’ content.   Inbox Providers know the limitations to blacklisting and the benefits of DMARC and their proprietary algorithms reflect this, making DMARC adoption a business requirement.  Even if you are blacklisted, DMARC can help you reach the inbox.

How does DMARC work?

Adopting DMARC gives you the ability to do three important things:

  1. Get feedback on how much of your email is passing SPF, DKIM and DMARC checks
  2. Get forensic examples of failed emails
  3. Set a policy for how Inbox Providers handle email that fails DMARC checks

Feedback on email allows you to identify SPF and DKIM configuration issues with legitimate senders, improve these configurations and identify illegitimate senders which may be fraud or phishing threats.  Once you have corrected your configuration issues for legitimate email senders, you can change your DMARC policy to instruct Inbox Providers to Reject email that fails SPF, DKIM and DMARC checks.  DMARC Reject policies give Inbox Providers comfort that you are actively managing your outbound email.

MxToolbox Delivery Center

To maintain the highest levels of email deliverability, businesses like yours need a proven Email Delivery management system like MxToolbox Delivery Center.  Delivery Center provides you with valuable insight into your email delivery posture and the ongoing maintenance necessary to maintain peak performance:

  • Manage SPF, DKIM, and DMARC (and BIMI) to improve compliance and reduce the threat of fraud and phishing using your domain.
  • Review daily volume and SPF, DKIM, and DMARC compliance rates to ensure the best email deliverability.
  • Implement Feedback Loops to gain unique information on how your recipients view your emails and when they mark you as spam.
  • Gradually move your DMARC policy to Reject to enable better inbox placement opportunities.

Email Deliverability in the Travel Industry

Traveling is one of the most enjoyable experiences a person can have and is a widely popular leisure activity.  Travel is also a risky endeavor, requiring careful planning and sometimes last minute itinerary changes especially in business travel.  Lodging and airfare are typically the most expensive pieces of the budget, so you want partners you can depend upon to inform you of confirmations and itinerary changes in a timely manner.  But, can you trust the emails that come from these airline partners?

DMARC Creates Trusted Senders

DMARC is a requirement for trusted email communication.  An email from a sender with DMARC properly configured to a strict “Reject” policy can be trusted.  Without a “reject” policy, a sending company could easily be spoofed by a fraudster and have that email accepted by inbox providers.  Adopting DMARC protects the email recipient and the corporate brand.

DMARC Adoption in the Airline Industry

Trusting email correspondence from your airline is an important part of enjoying your travel experience.  If an airline domain can be easily compromised by fraudsters, your travel plans are at risk.  Unfortunately, email hygiene and DMARC adoption rates are low among airlines.

MxToolbox’s September 2020 study uncovered the following concerns about airlines ability to deliver emails to their travellers:

  • 8% of airlines sending IP addresses are blacklisted, meaning that email from these domains could be blocked from your email entirely.  Good luck getting that flight update.
  • Only 40% of airline domains have adopted DMARC.  Email delivery from the other 60% of airline domains is at high risk for fraud and phishing and may be more likely to end up in the Junk folder than the Inbox.
  • Only 14% of airlines are using Strict DMARC policies (7% Reject, 7% Quarantine).  The remaining companies are at high risk of being used for fraud and phishing.
  • Only 1 Airline has deployed BIMI to display their logo in the recipients inbox. BIMI gives an extra level of assurance that the sender is legitimate and reinforces the corporate brand.

Protecting Your Brand with DMARC

To maintain the highest levels of email deliverability, businesses like yours (and these airlines) need a proven Email Delivery management system like MxToolbox Delivery Center.  Delivery Center provides you with valuable insight into your email delivery posture and the on-going maintenance necessary to maintain peak performance:

  • Leverage our unique Adaptive Blacklist Monitoring to manage the email reputation of all your senders.
  • Manage SPF, DKIM and DMARC (and BIMI) to improve compliance and reduce the threat of fraud and phishing using your domain.
  • Review daily volume and SPF, DKIM and DMARC compliance rates to ensure the best email deliverability.
  • Implement Feedback Loops to gain unique information on how your recipients view your emails and when they mark you as spam.

Deliverability and Send Time Optimization

Several Email Service Providers, Bulk Email Senders, and Email Inbox Providers are offering a new type of service that promises to get your emails in front of your recipients at the top of the inbox and therefore increase your open and click-through rates. Does Send Time Optimization affect your email deliverability?

What Is Send Time Optimization (STO)?

Send Time Optimization, and a similar technology called View Time Optimization, uses artificial intelligence to analyze your email recipients email opening habits and times your emails to arrive just before the user would view or open their email box. The general pitch is that being the top email or first email a user sees improves the open rate and better open rates yields better click-through rates and purchases.

Does it work?

STO is attempting to predict when a customer will actually check email and open the emails in their inbox, while VTO is provider side technology to delay email delivery until the moment the inbox is checked. Marketing claims for STO/VTO range from improving open rates by 2% to 4x and click-through rates by 2% to 2x Note, improving open rates by 4x is ludicrous if your open rates are near the industry average 21%, so beware of what you are buying into. However, it seems reasonable that being top of the inbox would invoke a improved email metrics, especially in use cases that are geared toward re-engaging with a past customer.

Is STO Worth the Cost?

That really depends on your existing email delivery management posture. There are many options that can dramatically improve your email deliverability and therefore your open rates for less, and some techniques your should be doing before enlisting in an optimization service. Here are a few of our recommendations:

  • Slow your roll – Reduce the number of emails you send to your customers. Consumer email fatigue is a real thing that creates passive unsubscribe behavior, reducing your open and click-through rates. One company realized that four different product marketers were sending a weekly email blast about six different products all targeting senior executives. Combined with weekly newsletters and nurturing campaigns, webinar requests, etc. these prospects were massively turned off to the marketing message before they even read it. Open rates will suffer if you stuff the inbox so reducing the number of times you email someone is in your best interest.
  • Clean out your rolodex – Okay, really, clean up your contact lists. If someone has not opened an email in six months, unsubscribe them! They aEre no longer interested. Continuing to send to an out of date contact obscures what your real open rates really are.
  • Improve your content – Too often email marketers are inside-out, focusing on their product or solution without regard to the actual user or buyer. Your email marketing content should be outside-in: engaging and interesting enough for your users to open, read, and examine your offer. Also, it’s time to evaluate your subject lines, are they gimmicky and spammy? You could be turning off your audience, even if the email isn’t blocked as spam.
  • AB Test your pitches – Relying on old, out-of-date pitches can lower your open rates over time. Periodically AB testing new pitches forces you to reevaluate your marketing and may give new life to existing prospects, increasing open rates and click-throughs.
  • Improve your Email Deliverability Posture – Adopting new technologies like SPF, DKIM and DMARC can dramatically improve email open rates by increasing the amount of your email that actually makes it to the inbox. A recent MxToolbox customer saw a 2% rise in open rates in the first few months just by improving DMARC compliance.

MxToolbox Delivery Center allows you to peer beneath the surface of the iceberg and see the the hidden issues affecting your email delivery – Blacklisting, SPF Failures, missing DKIM signatures, low DMARC compliance, etc. Only with a tool like Delivery Center can you really understand and manage your email deliverability.

Our Recommendation

STO is a valuable technology, but works best when your email deliverability is already at its best. The more you can do to improve your delivery rates before taking advantage of STO, the more value STO will have for you.

The Awesomeness of Plus Addressing

Microsoft recently announced their plan to support plus addressing in Office365 accounts, so we thought we would discuss how useful this technology is. Hotmail and Gmail have had this feature for several years, but with the addition to Office365, the majority of business inbox providers now support it.

What is Plus Addressing?

Plus addressing is a way to leverage your existing email inbox to create multiple email addresses that point back to your email box. For example, if your email is “”, then email to “” or “” will also go to your inbox. “a” or “b” are considered a +tag.

How can I use it?

Plus tag addressing is highly useful, especially to those of us in highly technical environments. A few things you can do with it:

  • Create a +tag for your test accounts and segregate each days testing by the date
  • Create a +tag for different newsletters and filter based on the tag
  • Create a +tag for registrations and follow the distribution/sale of this tag to different “associated” websites

The permutations of +tags are truly infinite, allowing you greater control over your inbox and emails you receive.

Follow our Blog for more useful email delivery tips.

Problems with MxToolbox? Clear your Cookies

Every day, MxToolbox adds new functionality to the website. Sometimes, this puts our users and customers in strange states with their sessions and cookies.

Why Cookies?

Everyone loves cookies, tasty little crumbs of information that hang around in your browser (and sometimes your keyboard). Okay, not everyone loves cookies, but they serve a development purpose and MxToolbox uses them as part of both our Free and Paid accounts.

If our new features get in weird cookie states, we recommend that our users delete their cache and cookies and re-login to the website.

Deleting Cookies

Different browsers have different methods for clearing cache and cookies. Here are a few common examples:

MxToolbox Experts and Tools are here to help with your email delivery. Occasionally deleting cookies and clearing cache will help you access the most recent tools we have.

Google Joins BIMI Pilot

Google recently announced that it will begin pilot support for BIMI, the protocol that allows companies to declare an image to display in the inbox alongside the company’s verified emails. Google had previously joined the BIMI Working Group to help define the BIMI standard.

View Posts

What does this mean?

With Google piloting BIMI logo display in their inboxes, it should not take long for them to fully adopt BIMI in the inbox. When Google fully implements BIMI in their inboxes, anyone who has adopted BIMI as part of their email delivery will suddenly have their logo displayed in the largest inbox provider in the world.

When is this rolling out?

Google is currently piloting BIMI logos that have been certified by two Mark Verifying Authorities, Entrust Datacard and DigiCert. The exact duration of the pilot and the adoption of new MVA’s is to be determined.

What can you do?

To take advantage of the pilot you must adopt BIMI. Adopting BIMI requires a few additional steps:

  1. Setup SPF, DKIM and DMARC.
  2. Manage your DMARC compliance for legitimate senders. MxToolbox Delivery Center helps businesses like yours adopt DMARC to improve email deliverability.
  3. Gradually move to 100% reject DMARC policy.
  4. Create a BIMI logo and get it certified with an MVA.
  5. Configure your BIMI record.
  6. See your logo in the inbox!

MxToolbox is here to help!

Delivery Center provides best-in-class insight into your email deliverability, email configuration and email senders, including BIMI.

Managed Services gives you access to our team of email delivery experts to minimize your timeline to maximum email deliverability and simplify your adoption of important email delivery standards.

Authenticating BIMI – Mark Verifying Authorities

As we have discussed before, adopting BIMI will significantly improve the deliverability and visibility of your email in your customers’ inboxes. Since BIMI requires a strong Reject DMARC policy to display a logo, your email delivery will be already close to the best possible. The BIMI logo, especially in the short-term, will give you a branding advantage over your competitors and heighten visibility with your potential customers. However, the question is –

How can you prevent a fraudster from using your BIMI Logo?

If anyone could publish any BIMI logo they liked, then fraudulent email could be sent, with some difficulty, that mimics your real email. For example, is an open domain that looks similar to a popular parcel delivery company in the US with the right font. Setting up strict DMARC policies and BIMI on this domain takes time, skill and resources, but fraudsters tend to be adept at mimicry like this. If there were no way to verify the use of a corporate logo, fraudsters could setup fake domains that leverage well-known brands and domains. Enter Mark Verifying Authorities.

What is a Mark Verifying Authority (MVA)?

An MVA is similar to an SSL Certificate Authority, a trusted 3rd party that issues a certification of ownership of a BIMI logo. Known as a Verified Mark Certificate (VMC), the certificate is proof that a domain owner holds the rights to the logo image being used.

How do MVAs Verify Ownership?

MVA standards and practices are still in flux as the exact details of a VMC have yet to be ratified. However, the general requirements are:

  • Ownership or license to a registered trademark
  • Registered trademark must be registered in a competent jurisdiction
  • Proposed mark or logo must match the registered trademark
  • Owner or licensor of the trademark must also be the registrant (or licensee) of the associated domain name

How do I Implement a VMC?

VMC’s are not yet a requirement as BIMI is still in the roll-out stages, however, there are some things you can do to get ahead:

  1. If you have not already, now is the time to implement SPF, DKIM and DMARC and move to a strict Reject policy for non-compliant email. MxToolbox Delivery Center is designed to help you manage your email delivery.
  2. Research the Mark Verifying Authorities available and select one that works well with your business and begin the process of verifying your logo for BIMI.
  3. Add your VMC to the “a” tag of your BIMI record. This tag has been reserved for the signing authority.

MxToolbox is dedicated to helping our customers improve their email delivery. Continue to leverage our free BIMI Lookup tool as we add features relevant to VMCs and MVAs.

Delivery Center provides the best insight into your email delivery posture and MxToolbox Managed Services gives you direct access to our email experts to help you get started quickly.

Has your email been Spoofed?

Email spoofing can harm your corporate brand, decrease open rates for your legitimate email, cause legitimate email to be blocked, compromise website security and even create financial complications.  No company is totally immune from malicious email spoofing using their domain, but there are ways to protect yourself.  Spoofing comes in a few different forms:

  • Simple Domain Spoofing – a spammer sends email that looks like it is from your domain, but originates from a server that you do not control or not in your SPF record.
  • Hacked SPF Sender – A spammer hacks a legitimate sender, one listed in your SPF records, and sends email that appears to be from you.  
  • Hacked Internal Account – A hacker compromises an internal email box and sends email via legitimate sources.  
  • Similar Domain Spoofing – A spammer sets up a complete domain that has a similar name to yours.  For example, “” versus “” or “”.

Recently some fraudsters were brazen enough to attempt to spoof email from  This illustrates how our experts (and MxToolbox Delivery Center Product) protect us from fraud and phishing and how we can protect your company too.  

DNS Configuration

Good email delivery and protection from fraud and phishing attempts requires expert management of your DNS.  Four DNS protocols are particularly important:

  • SPF allows you to delegate outbound email to 3rd parties.
  • DKIM allows you to crytographically sign email to take ownership of the email you send.
  • DMARC provides two very useful features:
    • Allows you to designate email addresses to receive feedback on your email delivery.
    • Allows you to set an email delivery policy for how inbox providers handle email that isn’t DMARC compliant with either SPF or DKIM.
  • BIMI allows you to provide an icon that inbox providers may display if your email passes DMARC with a strict DMARC policy

Our spoofer used IP addresses outside of our SPF so failed SPF checks and DMARC compliance.  Additionally, our DMARC policy is set to reject, so inbox providers knew to discard these failed emails immediately.  Our expertly configured DNS helped us reduce the impact of this attack on our email delivery, our customers and the non-customers targeted.

You might think that DNS configuration is all you need to protect your email delivery, but there is more.


SPF, DKIM and DMARC Passing Rates

While DNS configuration is the most important first step in email deliverability, you need constant visibility into your email delivery status in order to protect your brand.  MxToolbox Delivery Center provides important insight into your email delivery posture with real-time statistics on SPF, DKIM and DMARC pass and fail rates across all your email senders, legitimate and fraudulent.  

In this case, MxToolbox Experts quickly noticed a spike in email from illegitimate sources.  Delivery Center reported this spike by analyzing DMARC reports approximately 24-48 hours before we began to receive bounceback notices from targeted inbox providers.  With strict ‘Reject’ DMARC policies in effect, our Expert team could rely on most inbox providers dumping these emails without delivery, however, we needed to analyze the potential risk.

Bounce Analysis

MxToolbox Delivery Center integrates a Bounceback analysis tool that allows us to analyze bounceback email messages from dozens of inbox providers to determine the reason an email failed to make it to the intended recipient.


Bounceback messages can help you understand recent attacks and prevent new ones.  For example, a bounceback due to Reverse DNS failure, as above, is an indicator that your spammer was using a server outside of your network and not listed in your SPF as was our recent spammer.  Bounceback messages can also provide insight into other reasons for delivery failure, including blacklisting, malware/spam content and more.

Feedback Loops

The newest visibility feature of MxToolbox Delivery Center incorporates Feedback Loops.  Feedback Loops allow Inbox Providers to return information from inbox owners to the original senders, including much of the original message header.  Analyzing message content and headers returned via feedback loops gives you unique insight into how your email is being perceived by recipients.  Did the recipient report you as spam?  Was the email actually fraudulent?  Was the content yours but appeared spammy?  Feedback loops are very powerful and a necessary part of maintaining high quality email delivery.  

Get ahead with Delivery Center

To maintain the highest levels of email deliverability, businesses like yours need a proven Email Delivery management system like MxToolbox Delivery Center.  Delivery Center provides you with valuable insight into your email delivery posture and the on-going maintenance necessary to maintain peak performance:

  • Who is sending email purporting to be from your domain
  • What is the reputation of your senders’ IPs
  • Geolocation of your senders and What their blacklist reputations are
  • How your SPF, DKIM and DMARC setup is performing
  • What senders are failing DKIM
  • What senders are failing SPF verification
  • When to setup more restrictive policies for DMARC
  • What on-going maintenance you need to maintain and improve your email deliverability


Is your email going to Spam?

Many of our customers hear about us because their business partners tell them that a message failed to reach their inbox or was found in the spam or junk folders.  The typical cause:  a blacklisted sending IP address.  While monitoring for blacklisting is fundamental for preventing email going to spam, inbox providers are now using more technologies to prevent spam from reaching their users.  You need to step up your game!

MxToolbox is here to help

Inbox providers like Google, Outlook and Yahoo! now scan incoming messages for spammy content or words, phrases, domains, and financial requests that are frequently found in spam.  Our SpamAnalyzer tool allows you to get insight into the spammy nature of your content and make changes before you send an email to your customers.

How does it work?

Create you email in your standard mass emailing platform and send yourself a test email.  Locate the email and view the email source.  Copy the email source and paste it in our SpamAnalyzer tool.


We run over 700 different types of analyses on your email and provide a detailed report on the tests.  Our report gives you the opportunity to improve your email setup and email content to give you a better chance to have your email land in inboxes and not in spam folders.

Other tools

MxToolbox focuses on providing tools and technologies to help our customers get their legitimate email to their customers, suppliers and partners.  If you are experiencing problems with email going to spam, we highly recommend a multi-step approach:

  • Check all your senders regularly for blacklisted IP addresses and domains (see Adaptive Blacklisting for our unique approach)
  • Make sure all your email senders are in your SPF record
  • Setup DKIM for all email senders
  • Setup DMARC to get feedback on your email
  • Enlist a DMARC analysis service (like MxToolbox Delivery Center) to get insight into the feedback you are receiving on SPF, DKIM and DMARC compliance and the emergence of fraud and phishing attacks using your brand
  • Analyze outgoing emails for signs of spam with SpamAnalyzer
  • Enroll in Feedback Loops to get direct customer feedback

Expert Support

MxToolbox is the expert in Email Delivery and we know that adopting email best practices can be difficult and time-consuming.  We offer a Managed Services approach to improve your email delivery allowing you to return to what you do best: your business.

A Case of Fraud and Phishing

Companies large and small are potential victims of fraud and phishing using their brands and domains.  If you leave your business unprotected, it is simple for hackers and fraudsters to leverage your domain and brand to email your customers scams.  Companies in banking, financial services and investment advice are at particular risk due to the potential for immediate financial loss.

MxToolbox Experts are here to help you prevent damage to your brand and improve your email deliverability.  Leveraging new email technologies, such as DKIM, DMARC, BIMI and others, our Managed Services team helps businesses worldwide with email deliverability and protect against fraud and phishing.

A recent Investment Advisory case study shows how MxToolbox can help:

  • Leveraging DMARC best practices to aid email deliverability
  • Improving SPF, DKIM and DMARC compliance rates
  • Implementing strict DMARC policies to prevent Fraud and Phishing
  • Dramatically Improving Email Open Rates

Read the Case Study