Published on: by Jason Gilmore
I'm fond of saying that marketing and sales automation has ruined the web. It's just become too darned easy for organizations (both nefarious and otherwise) to obtain lists of leads complete with name, phone number, and email address and then spam them relentlessly with phone calls and emails in the hopes of making a sale or otherwise influencing the recipients' behavior. At the same time, communication mediums like email have become so ubiquitous that it's become difficult to imagine a world without them. Email is a great way to communicate with friends, family, and colleagues, as well as with customers and prospects.
But if you are sending a lot of email, it's important to understand what factors affect email deliverability rates. In this post you will learn how to evaluate your email domain to determine whether it is properly configured, what other factors might affect deliverability, and considerations for hiring an email deliverability consultant. Even if you are non-technical and have already concluded that you would prefer to hire a consultant, I urge you to keep reading so that you can have a more informed conversation with potential consultants.
Email deliverability refers to the ability of an email to successfully reach its intended recipient's inbox without being flagged as spam or blocked by email service providers (ESPs) or spam filters. It is critical to ensure that the messages you send not only land in the recipients' inboxes, but also result in at least a respectable portion of recipients engaging with the email in some way.
Achieving good email deliverability involves several factors, including:
Poor email deliverability can lead to your messages being diverted to spam folders or not being delivered at all, which can negatively impact your marketing efforts, customer relationships, and brand reputation. Therefore, understanding and optimizing email deliverability is crucial for effective email communication and marketing campaigns. In the sections that follow I'll focus on the two factors most likely affecting deliverability, including authentication and list quality.
To understand the role DKIM configuration plays in deliverability, imagine you're sending a physical letter to a friend. You put your signature at the end to show that the letter is from you. But is it really? After all, anybody could have forged your signature and fooled your friend into believing you finally admitted to stealing their lunch money in the sixth grade. DKIM prevents such email-based forgeries by adding a digital signature to your emails.
An acronym for "DomainKeys Identified Mail", DKIM is an email authentication technology that helps verify the authenticity of the sender and integrity of the email content. It does so by acting as the conduit for verifying a sender's identity using public key encryption. To do so, a public and private key pair are generated, and the public key is placed in a DNS TXT
record. Whenever an email is subsequently sent from your domain, the private key will be used to add an encrypted signature header to the outbound message. The recipient email server will then use the public key to decrypt the signature and validate the identity. If the signature is valid, the email is considered authentic and is delivered to the recipient's inbox. If the signature is invalid, the email is considered inauthentic and is either delivered to the recipient's spam folder or rejected outright.
It is critical to understand that if your organization uses a managed email service provider such as GSuite or Microsoft 365, then there is no need to generate your own DKIM keys. These providers will generate the keys for you and configure the DNS records automatically. However, it is equally critical to understand that if your domain DNS record are being managed at a service provider other than that being used for email, you will need to update your DNS records to reflect the email service provider's provided DKIM record! Further, if you are using third-party services such as Hubspot to send emails on your behalf, then additional steps will be required by that third-party service to send emails masquerading as you!
A DKIM record is managed as a TXT
record within your DNS administrator. It will contain the public portion of the public/private key pair generated for identity verification purposes. Here is an example DKIM record which happens to be the same used by EmailReputationAPI:
v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupJy99z8hUBrzThf/F31GbdKPNZTPfAjtUmmgk3L/ go27jYoWKoXbb6RRfqcsLbXKvG+eZGk/wXROiu/PgEdKLYLPxAnA+LbHyVPKFOZWnJZD/IkPuIpGEHyRkahhvgkA+5+fvoYOPo/ duzLXizw8JXHebksT+LYz3gE2+m8TynZle6rzRiyrGo3HVC/d2Y/ A1xNz6BquUjU6RlZ7Euwl8WmjWJ2vvltKv3zV1ZDL2qwQeIWxMAeU6XjiwzjQSa9/ tGdiRv8TX1qOTHtgqjkSTtw3QWmUn2P162mLx5zHxFP5C3Gci6JTta83K+pVj/yZ/Fv6lA5BDkuMDjsrv1wZwIDAQAB;
To understand the role SPF plays in email authentication, imagine you're the manager of a secure building, and you only want certain people to have access. To make sure only authorized individuals enter, you create a list of approved names. Anyone on that list can come in, but if someone's name isn't on the list, they can't get past the entrance. SPF works in a similar way in that it ensures emails for a particular domain can only be sent from one or more servers that have been authorized to send emails on behalf of the domain.
When an email is sent, the recipient's email service checks the SPF record of the sender's domain. It's like the entrance security checking the list of approved names before letting someone in. If the email comes from an authorized server listed in the SPF record, it's allowed through and lands in the recipient's inbox. If the server isn't on the list, the email might get rejected or marked as suspicious (just like someone without an approved name wouldn't be allowed into the building).
Like DKIM, these days chances are you won't need to generate SPF records yourself because you're likely using a third-party email services provider such as GSuite or Protonmail to manage your business email. However the aforementioned caveats apply regarding the need to nonetheless update your DNS records to reflect the SPF (and DKIM) entries provided by your provider.
Like DKIM, an SPF record is just a TXT
record managed alongside your other domain DNS records. Here is what the EmailReputationAPI SPF record looks like:
v=spf1 include:spf.privateemail.com ~all
For example if you're using GSuite then your SPF record will look like this:
v=spf1 include:_spf.google.com ~all
The most straightforward way to determine whether DKIM and SPF are configured for your domain would be to login into your domain's DNS manager and visually confirm existence of the respective TXT
records. However, if you're not sure how to do that, you can use a free online tool such as this one to do so for DKIM, and this one for SPF.
List quality is a measure of how engaged your subscribers are with your emails. It is a critical factor in determining your deliverability. If your list is full of inactive subscribers, your emails will be marked as spam and your deliverability will suffer. If your list is full of engaged subscribers, your emails will be delivered to the inbox and your deliverability will improve. But before you can even think about engagement, you should take a moment to consider whether the email addresses to which you are sending are even valid. Have they been audited to confirm they are valid syntactically? How many addresses in your CRM are anonymized, meaning the individual who signed up for a product trial or downloaded a PDF actively took steps to ensure you will be unable to identify or market to them? You should periodically audit all emails in your marketing database to confirm that each meets the following standards:
john@doe
or jane@[email protected]
won't ever be delivered because they don't represent valid addresses..edu
or .gov
.
There are well-known and straightforward steps your developers can take to ensure email validity, or constrain signups to specific domains, however there is much more your organization can do to ensure your list is of the highest quality. For example, you can use EmailReputationAPI to audit your list for anonymized domains, or to prevent individuals from registering for a trial using a personal email domain such as @hotmail.com
.
As is likely laid bare above, improving deliverability is going to require a certain level of technical acumen to not only update, manage, and monitor DNS records, but also to continuously audit your leads to filter out unwanted addresses. If you don't have the technical expertise in-house to do this, then you will need to hire a consultant to do so. However, if you do have the technical expertise in-house, then you can use EmailReputationAPI to automate the process of auditing your leads, and to monitor your DNS records for changes. If you would like some input regarding what other questions to ask potential deliverability consultants, feel free to email EmailReputationAPI creator Jason Gilmore at [email protected] with questions!
If you have any questions about how to improve your deliverability, please don't hesitate to email us!