Starting early February 2024, major inbox providers like Gmail and Yahoo are requiring senders to meet a new standard of email authentication. While these standards have long been considered best practices, they will now be required in order to ensure a high deliverability rate and stay out of the spam box.
Ensuring your emails reach subscribers' inboxes is crucial for effective relationships with all that are connected to your business (aka we call this your SACRED MISSION!).
Email providers like Outlook and Gmail verify legitimacy by checking if the sender owns the email domain. While domain authentication is optional, we strongly recommend implementing it.
Yes, this is all annoying BUT have you noticed how out of control spamming is?
These changes are actually (SUPPOSEDLY) helping to cut down on the BS spammers who clearly have way too much time on their hands and don't care about anyone's lives. Spam sucks and is a huge time suck!
These steps enhance your email credibility, safeguards people against pointless BS spammers, and ensures your messages are trusted by the people you desire to serve and connect with you.
Below, discover why domain authentication is a must for your email success and how to make sure you do it. It's easy, just follow things step by step or call your domain holder and have them help you (e.g., GoDaddy).
What are DKIM, SPF, and DMARC?
DKIM (DomainKeys Identified Mail): DKIM ensures that an email's content hasn't been changed during transmission by using cryptographic signatures, allowing the recipient to verify the sender's identity.
SPF (Sender Policy Framework): SPF helps prevent email spoofing by confirming that the sender's IP address is authorized to send emails for a specific domain. SPF records in DNS list approved mail servers for a domain.
DMARC (Domain-based Message Authentication, Reporting, and Conformance): Building on DKIM and SPF, DMARC adds an extra layer of email authentication. It empowers domain owners to specify how to handle emails failing authentication checks, reducing the risk of phishing attacks.
Why implement DKIM, SPF, and DMARC?
Enhanced Email Deliverability: Authenticating your domain with DKIM, SPF, and DMARC significantly reduces the likelihood of your emails being marked as spam or phishing attempts.
Protect Your Brand Reputation: Implementing these authentication methods helps build trust with your audience by ensuring that your emails are genuinely from your organization and have not been tampered with.
Mitigate Phishing Attacks: DMARC, in particular, provides a powerful tool to protect against phishing by allowing you to instruct email providers on how to handle unauthenticated emails, such as quarantining or rejecting them.
How to Authenticate Your Domain:
Retrieve the DKIM, SPF, and DMARC record names and values from your email marketing platforms associated with your domain. This could be ActiveCampaign, WebinarJam, Flodesk, Mailchimp (ANY platform that sends email on YOUR behalf is what we're speaking to here as far as email platforms).
Ensure you log into those platforms for the necessary information. They've been sending emails to everyone as well, so you may have those emails already in your inbox OR in your spam (make sure to check your spam/junk box).
Next, head to your domain hosting provider, such as GoDaddy or any other service where your domain is registered. Input the values obtained from your email marketing platform. Whether your domain is hosted on GoDaddy, Google, or elsewhere, the process remains relatively the same.
CHANGES / REQUIREMENTS:
- Make sure you send emails from your custom URL (the domain, as opposed to a “free email” domain, like gmail.com or yahoo.com)
- Verify your domain via DKIM and SPF
- Have a DMARC record set to “at least” p=none
- Offer a one-click unsubscribe button (which is a must no matter what email platform you use anyway)
- Keep spam complaints below 0.3%
DKIM / SPF Records: records can be found within your email marketing provider, under "Authenticate Your Domain" or "Email Configuration" which will vary so you can always ask your email provider if you're not sure.
NOTE: Depending on where you bought your domain(s), the record name and that value may vary so you can always contact your domain host for them to help you.
Below are the steps for GoDaddy domains to serve as an example.
- Log into your GoDaddy account and navigate to your DNS management page.
- Find "Add" button and click on it. You'll be adding a new record
- To set up SPF:
- Access your domain’s DNS settings
- Add a CNAME record containing your SPF information that you pull from your email marketing platform
- Click on the "Save" button to finalize the record
- DKIM record: Note that some providers use a TXT record while others use a CNAME. You can check your email provider.
- In the "Host" (or "Value") field, enter the value provided by your email service for DKIM. It often looks like this 's1._domainkey'
- In the ""Points to" field enter the value provided by your email service for DKIM.
- Click on the "Save" button to finalize the record
DMARC: below you will not enter the quotation marks into your DNS records.
- Click on the "Add" button again to create a new record.
- In the "Type" dropdown menu, select "TXT". This is where we'll input your DMARC record.
- In the "Host" field, enter _dmarc This is the standard host value for a DMARC record. the host field should just be "_dmarc". The DNS system automatically appends your domain name to the host, so "_dmarc” becomes "_dmarc.yourdomain.com
- In the "TXT Value" field, enter your DMARC policy. If you're unsure what to put, a basic policy is as follows: v=DMARC1; p=none;
[MAKE SURE YOU KEEP THE SEMICOLON AT THE END!]
Most DNS updates take effect within an hour, but could take up to 48 hours to update globally.
Final step: Validate your DMARC record
NOTE: works for any domain no matter where the domain was purchased
IT CAN TAKE 24-72 HOURS FOR THIS CHANGE TO BE RECOGNIZED GLOBALLY BY SERVERS, SO WAIT AT LEAST 72 HOURS BEFORE CHECKING WITH THIS URL NOTED HERE.
Important: Once you've set up your DMARC record, do not remove it from your domain. Removing it may cause deliverability issues.
Protect your messages you send via email by taking action BEFORE Feb. 1st, 2024!
We want your Sacred Mission to reach the people who want to connect with you, so it's essential we play by these rules... and honestly, who doesn't want to end this spamming nonsense?!
With significant changes underway in Gmail and Yahoo's email platforms, we advise taking action before February 1st to avoid any disruptions to your email magick messaging efforts.
What happens if you ignore these changes?
Neglecting to take action whether you send 1 or over 5,000 emails daily from your email platforms will lead to an increased likelihood of your emails landing in that spam folder EVERY TIME within Gmail and Yahoo mailboxes. This not only hampers email engagement but could also result in potential blacklisting by email providers, and who wants to play that game?!
One-Time Setup or Ongoing?
Typically, the setup of SPF, DKIM, and DMARC records is a one-time task. However, when you change email platforms (for example, you change from Mailchimp to ActiveCampaign), the SPF and DKIM records change and you need to insert those new verifications into your DNS (that means changing at domain level as DNS means Domain Name Server).
Also, as a proactive measure, we advise periodic cleaning your email list for optimal performance and deliverability (which usually means deleting anyone who unsubscribed or bounced).
Ridding the world of spammers would be great, don't you think?
By authenticating your domain, you're not just securing your emails but also contributing to a more trustworthy online environment. Hopefully, one day, we will NOT have to worry about such nonsense like spamming or scam artists, etc., and then what would be even better, is if we could rid this world of these big ass tech companies that don't care about Earth or any creature or human within it. That'll be wonderful, won't it?!
We know and trust that a better world for ALL is getting closer and closer and closer... 💜