I'm fond of saying that marketing and sales automation has ruined the web. It's just become too darned easy for organizations (both nefarious and otherwise) to obtain lists of leads complete with name, phone number, and email address and then spam them relentlessly with phone calls and emails in the hopes of making a sale or otherwise influencing the recipients' behavior. At the same time, communication mediums like email have become so ubiquitous that it's become difficult to imagine a world without them. Email is a great way to communicate with friends, family, and colleagues, as well as with customers and prospects.
But if you are sending a lot of email, it's important to understand what factors affect email deliverability rates. In this post you will learn how to evaluate your email domain to determine whether it is properly configured, what other factors might affect deliverability, and considerations for hiring an email deliverability consultant. Even if you are non-technical and have already concluded that you would prefer to hire a consultant, I urge you to keep reading so that you can have a more informed conversation with potential consultants.
What is Email Deliverability?
Email deliverability refers to the ability of an email to successfully reach its intended recipient's inbox without being flagged as spam or blocked by email service providers (ESPs) or spam filters. It is critical to ensure that the messages you send not only land in the recipients' inboxes, but also result in at least a respectable portion of recipients engaging with the email in some way.
Achieving good email deliverability involves several factors, including:
- Authentication: Verifying the legitimacy of the sender's identity to prevent email spoofing and phishing. Technologies like DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) are used for authentication.
- Reputation: Monitoring and maintaining a positive sender reputation. This is influenced by factors such as engagement rates (open and click-through rates), complaint rates (when recipients mark your emails as spam), and spam trap hits (sending emails to inactive or non-existent addresses).
- Content: Creating high-quality, relevant, and engaging content that doesn't trigger spam filters. This includes avoiding certain keywords or practices commonly associated with spam.
- List Quality: Ensuring that your email list consists of valid, engaged recipients who have explicitly opted in to receive your emails. Sending emails to invalid or uninterested recipients can harm your deliverability.
- Sending Infrastructure: Using a reliable and properly configured email sending infrastructure, including using reputable email service providers and correctly configuring DNS records (like SPF, DKIM, and DMARC).
- Compliance: Following legal regulations and best practices for email marketing, including providing clear opt-in options, including an unsubscribe link, and honoring unsubscribe requests promptly.
- Engagement: Encouraging recipients to open, click, and engage with your emails. Higher engagement signals to ESPs that your emails are wanted and relevant.
Poor email deliverability can lead to your messages being diverted to spam folders or not being delivered at all, which can negatively impact your marketing efforts, customer relationships, and brand reputation. Therefore, understanding and optimizing email deliverability is crucial for effective email communication and marketing campaigns. In the sections that follow I'll focus on the two factors most likely affecting deliverability, including authentication and list quality.
How DKIM and SPF Settings Affect DeliverabilityOf the topics described in the above bullet points, I have little doubt that the most common cause of poor email deliverability is misconfigured DKIM and SPF settings, if they are even configured at all! These settings are used to authenticate the sender of an email and to prevent email spoofing and phishing. If you are sending email from your own domain, you should have these settings configured correctly. If you are using a third-party email service provider, they should be able to help you configure these settings correctly.
What is DKIM?
To understand the role DKIM configuration plays in deliverability, imagine you're sending a physical letter to a friend. You put your signature at the end to show that the letter is from you. But is it really? After all, anybody could have forged your signature and fooled your friend into believing you finally admitted to stealing their lunch money in the sixth grade. DKIM prevents such email-based forgeries by adding a digital signature to your emails.
An acronym for "DomainKeys Identified Mail", DKIM is an email authentication technology that helps verify the authenticity of the sender and integrity of the email content. It does so by acting as the conduit for verifying a sender's identity using public key encryption. To do so, a public and private key pair are generated, and the public key is placed in a DNS
TXT record. Whenever an email is subsequently sent from your domain, the private key will be used to add an encrypted signature header to the outbound message. The recipient email server will then use the public key to decrypt the signature and validate the identity. If the signature is valid, the email is considered authentic and is delivered to the recipient's inbox. If the signature is invalid, the email is considered inauthentic and is either delivered to the recipient's spam folder or rejected outright.
It is critical to understand that if your organization uses a managed email service provider such as GSuite or Microsoft 365, then there is no need to generate your own DKIM keys. These providers will generate the keys for you and configure the DNS records automatically. However, it is equally critical to understand that if your domain DNS record are being managed at a service provider other than that being used for email, you will need to update your DNS records to reflect the email service provider's provided DKIM record! Further, if you are using third-party services such as Hubspot to send emails on your behalf, then additional steps will be required by that third-party service to send emails masquerading as you!
What Does a DKIM Record Look Like?
A DKIM record is managed as a
TXT record within your DNS administrator. It will contain the public portion of the public/private key pair generated for identity verification purposes. Here is an example DKIM record which happens to be the same used by EmailReputationAPI:
v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupJy99z8hUBrzThf/F31GbdKPNZTPfAjtUmmgk3L/ go27jYoWKoXbb6RRfqcsLbXKvG+eZGk/wXROiu/PgEdKLYLPxAnA+LbHyVPKFOZWnJZD/IkPuIpGEHyRkahhvgkA+5+fvoYOPo/ duzLXizw8JXHebksT+LYz3gE2+m8TynZle6rzRiyrGo3HVC/d2Y/ A1xNz6BquUjU6RlZ7Euwl8WmjWJ2vvltKv3zV1ZDL2qwQeIWxMAeU6XjiwzjQSa9/ tGdiRv8TX1qOTHtgqjkSTtw3QWmUn2P162mLx5zHxFP5C3Gci6JTta83K+pVj/yZ/Fv6lA5BDkuMDjsrv1wZwIDAQAB;
What is SPF?
To understand the role SPF plays in email authentication, imagine you're the manager of a secure building, and you only want certain people to have access. To make sure only authorized individuals enter, you create a list of approved names. Anyone on that list can come in, but if someone's name isn't on the list, they can't get past the entrance. SPF works in a similar way in that it ensures emails for a particular domain can only be sent from one or more servers that have been authorized to send emails on behalf of the domain.
When an email is sent, the recipient's email service checks the SPF record of the sender's domain. It's like the entrance security checking the list of approved names before letting someone in. If the email comes from an authorized server listed in the SPF record, it's allowed through and lands in the recipient's inbox. If the server isn't on the list, the email might get rejected or marked as suspicious (just like someone without an approved name wouldn't be allowed into the building).
Like DKIM, these days chances are you won't need to generate SPF records yourself because you're likely using a third-party email services provider such as GSuite or Protonmail to manage your business email. However the aforementioned caveats apply regarding the need to nonetheless update your DNS records to reflect the SPF (and DKIM) entries provided by your provider.
What Does an SPF Record Look Like?
Like DKIM, an SPF record is just a
TXT record managed alongside your other domain DNS records. Here is what the EmailReputationAPI SPF record looks like:
v=spf1 include:spf.privateemail.com ~all
For example if you're using GSuite then your SPF record will look like this:
v=spf1 include:_spf.google.com ~all
Is DKIM and SPF Configured for My Domain?
The most straightforward way to determine whether DKIM and SPF are configured for your domain would be to login into your domain's DNS manager and visually confirm existence of the respective
TXT records. However, if you're not sure how to do that, you can use a free online tool such as this one to do so for DKIM, and this one for SPF.
How Does List Quality Affect Deliverability?
List quality is a measure of how engaged your subscribers are with your emails. It is a critical factor in determining your deliverability. If your list is full of inactive subscribers, your emails will be marked as spam and your deliverability will suffer. If your list is full of engaged subscribers, your emails will be delivered to the inbox and your deliverability will improve. But before you can even think about engagement, you should take a moment to consider whether the email addresses to which you are sending are even valid. Have they been audited to confirm they are valid syntactically? How many addresses in your CRM are anonymized, meaning the individual who signed up for a product trial or downloaded a PDF actively took steps to ensure you will be unable to identify or market to them? You should periodically audit all emails in your marketing database to confirm that each meets the following standards:
- Is the email syntactically valid? Emails like
jane@hello@.comwon't ever be delivered because they don't represent valid addresses.
- Does the email use a valid top-level domain (TLD)? email@example.com uses the well known and valid while firstname.lastname@example.org is probably a typo of the former.
- Is the email domain associated with an anonymized service? I guarantee there are more of these than you think residing in your database. EmailReputationAPI tracks well over 100,0000 anonymized domains!
- If your product is exclusively used by universities or United States government entities, then you might consider disallowing all TLDs other than
There are well-known and straightforward steps your developers can take to ensure email validity, or constrain signups to specific domains, however there is much more your organization can do to ensure your list is of the highest quality. For example, you can use EmailReputationAPI to audit your list for anonymized domains, or to prevent individuals from registering for a trial using a personal email domain such as
Do I Need to Hire a Consultant to Improve My Deliverability?
As is likely laid bare above, improving deliverability is going to require a certain level of technical acumen to not only update, manage, and monitor DNS records, but also to continuously audit your leads to filter out unwanted addresses. If you don't have the technical expertise in-house to do this, then you will need to hire a consultant to do so. However, if you do have the technical expertise in-house, then you can use EmailReputationAPI to automate the process of auditing your leads, and to monitor your DNS records for changes. If you would like some input regarding what other questions to ask potential deliverability consultants, feel free to email EmailReputationAPI creator Jason Gilmore at email@example.com with questions!
Contact Us with Questions
If you have any questions about how to improve your deliverability, please don't hesitate to email us!