I don’t think we can stress enough the importance of authentication in sending email.
Every day we find customers who have delivery issues that are instantly solved by updating SPF records or signing their emails with their own Domain Keys. Because we know how critical it is, we’ve built it right into the Postmark setup process. Interestingly, we actually have customers who think it’s a required step to use Postmark, and we don’t think that’s a bad thing.
Amazingly, over 60% of all Sender Signatures of our customers have DKIM and/or SPF setup correctly.
And of course, custom DKIM comes with any account for free, whether you are using the first 1000 credits or you’re a high volume sender.
Sign your emails, remove the doubt #
ISPs have a lot of tools at their disposal to check if what you’re sending to them is legitimate mail. As they continue to evolve, they get smarter and smarter at making that important distinction.
The new word of the day is engagement, the idea of ISPs watching what customers actually do with your email. For instance, whether they open it or send it to trash right away. If they open it, how long does it stay open?
All of this is meant to protect the recipient from not only Viagra email, but also useless junk mail. You can avoid a lot of delivery problems by simply telling the ISP who you are. Engagement, content scanning, etc are tools that ISPs use if they have doubts.
Your job, remove the doubt. And we’ve designed Postmark to help you do that.
The “why” to signing your emails #
When an email is sent to the ISP, they:
- check the IP reputation
- check the domain reputation
- check the content
We’ve got the IP reputation covered for you, but you are in control of the other two.
Content is the really tricky one, so you at least want to make sure the other two are rock solid. Your domain reputation is 2 parts being a good sender and 1 part making sure the ISP knows who you are. When you use an ESP, that means telling them that you have allowed us to send emails on your behalf.
What’s nice about transactional email, our speciality here at Postmark, is that most times you don’t need to worry about the tests of engagement, so long as you’ve shown the ISP that you are following the rules. Signing your email is key here, because once it’s signed, you’ve taken a lot of the doubt away. For example, a spammer can try to spoof @adobe.com. What they can’t do is access Adobe’s DNS, so they’ll never be able to sign their emails. When AOL sees an email from Adobe that’s not signed, it’s easier to make the decision to trash it.
“But I need to send on behalf of my customers” #
If you’ve been whitelisted to send from many domains, you probably heard from our team that we don’t recommend it, but we’ll do it if you need it. The reason we advise against it is that you end up sending email without authentication.
When you send from your customer’s email address, you’re not going to be able to sign that email with DKIM. Instead we’ll sign it with our own DKIM, but that comes with issues as well - like GMail’s “via” tag for example.
Our recommended approach is to send from your own email, and then change the From Name and Reply To to be the customers. For example:
"Bob Smith" email@example.com, reply to: "Bob Smith" firstname.lastname@example.org
Getting to the Inbox is really hard already. As a company, we want to make it easier, but we can’t do it all for you. We take a really strong stance on recommending email authentication to our customers in Postmark and we’ve designed it into our workflow to make it simple. With what we’ve seen, you’re doing yourself a huge injustice without it. ISPs, even smaller ones, are starting to make this a requirement for getting through.
Do yourself and your recipients a favor and just follow the simple rules. It’s already a difficult job. Not using DKIM yet? Go to your sender signatures page and follow the steps or sign up for a Postmark account and see how easy it is.
This post was originally published Dec 07, 2011