When you’re sending email through a third party, like the emfluence Marketing Platform, there are a few important technical items that your Email Service Provider (ESP) should help you take care of. One of the most important is your email authentication. When you set up a new account or switch to a new email platform, the platform team should ask you to add two text records to your DNS – SPF and DKIM – that will help optimize your inbox placement. A lot of this process may sound like jibberish if you’ve never worked in your website’s DNS records before! Here’s a quick breakdown that we share with new emfluence Marketing Platform Users:
First, your DNS is where your domain is managed. When you purchase yourdomain.com, and renew that domain every year, you do that at your DNS (Doman Name Server). Your DNS is also where you manage things like your email server (setting up all your @yourdomain.com email addresses), and any other domains you might own. No one else can own your domain. Anybody can use your domain in the from address (this is called spoofing). They’re basically pretending to be you. Without authentication, you could be one of those pretenders every time you send from your emfluence account.
Don’t Love Your Email Results?
Download the anatomy of a marketing email template
Inboxes like Gmail want to protect their users, so they want to make sure that emails from yourdomain.com are actually from YOU, not some spoofer. SPF and DKIM are two different ways to authenticate that you’re really you when you send from the emfluence Platform.
SPF is just a single line of code added to your DNS. Domain Key (also called DKIM) is slightly different: it’s a bit of code on your website and a bit of code in your EMAILS (that we put in for you). If those two bits of code, called keys, match when Gmail or Yahoo checks “does the one on their email match the one at yourdomain.com,” then you “pass” and are much more likely to get to the inbox.
Yahoo, Gmail, and AOL look at your DKIM records, and Gmail, AOL, and Hotmail look at your SPF record. By setting up both, we cover all your bases.
There are two other forms of email authentication: SenderID and DMARC, which are based on SPF and DKIM respectively. These aren’t as common, but are worth implementing if you send from a domain that’s often spoofed, like banks and retail sites that work with private account numbers and information. You can help ISPs and email clients protect your customers by giving them as much authentication information as possible.
Not sure if your sending domain is authenticated? Here’s a quick way to find out:
Send an email through your ESP to a Gmail.com address. Expand the options menu in the top right corner of the message, and click “Show Original”.
You’ll see a whole bunch of code, but what you’re specifically looking for is a “Pass” status for your SPF and DKIM records (around 13 or 14 lines down):
If you don’t see this for emails coming from your domain out of your email platform, you’ll want to connect with your ESP support team. It’s possible they help authenticate in different ways.
emfluence Marketing Platform users are often authenticated during set up and training. If you don’t see the “pass” like above, reach out to support@emfluence.com to get started or to learn more.
Ready to get started?
I see the SPF: pass, but I don’t have DKIM anywhere in the email I sent to gmail. Do I need to have both?
Hi Scott,
You should have both. Your emfluence account rep can help make sure it’s set up correctly. Reach out to Krissy or me — we’ll get you sorted out.
Thanks for reading!
Jessica
@bestofjess
Found this excellent (and funny) infographic about DKIM: “How to Explain DKIM to Your Grandmother”, http://blog.messagesystems.com/dkim-for-grandma/#sthash.4dUs7xMZ.N43i6T1J.dpbs.