It’s February 2024, and Google is working hard to prevent spam from reaching its users. It’s a good thing, although you need to make sure your mass emails are not getting sucked into the spam abyss. You can read more about Google’s policies by clicking on this previous article – https://www.biggestbark.com/google-ratcheting-up-email-protection-make-sure-your-emails-get-through/.
You’re going to have to set up authentication for any service that sends e-mail on your behalf. This might include Constant Contact, MailChimp, Quickbooks, and more.
No, SPF is not referring to the level of protection against the sun (in this case) In a really simplistic explanation, SPF, DKIM and DMARC authentication are ways that e-mail providers can tell its you actually sending an email … and not someone spoofing your email.
If you really want to know:
- Sender Policy Framework – SPF is a standard email authentication method. SPF helps protect your domain against spoofing, and helps prevent your outgoing messages from being marked as spam by receiving servers. SPF specifies the mail servers that are allowed to send email for your domain. Receiving mail servers use SPF to verify that incoming messages that appear to come from your domain were sent by servers authorized by you.
- DomainKeys Identified Mail – Set up DKIM to help protect your domain against spoofing, and help prevent your outgoing messages from being marked as spam. Spoofing is a type of email attack that forges the From address of an email message. A spoofed message appears to be from the impersonated organization or domain. DKIM detects when a message has been modified, and when unauthorized changes are made to the message From: address.
- Domain-based Message Authentication, Reporting & Conformance – DMARC tells receiving mail servers what to do when they get a message that appears to be from your organization, but doesn’t pass authentication checks, or doesn’t meet the authentication requirements in your DMARC policy record. Messages that aren’t authenticated might be impersonating your organization, or might be sent from unauthorized servers.
So, your head might be spinning. Or, you skipped over the definitions and are ready for “How do I fix it?”
Directions for various software providers
Below, I’m listing articles that talk about email deliverability and how you set up authentication for your emails. You will typically see it talking about verifying your domain or talking about authentication. It’s all part of the process – and you may have to click on links on those pages to further get instructions.
- Outlook – https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/email-authentication-anti-spoofing?view=o365-worldwide
- Outlook (setting up DKIM) – https://lazyadmin.nl/office-365/configure-dkim-office-365/
- Constant Contact – https://knowledgebase.constantcontact.com/email-digital-marketing/articles/KnowledgeBase/5865-overview-of-what-is-involved-in-the-authentication-process
- ConvertKit – https://help.convertkit.com/en/articles/2502558-verify-your-domain-to-optimize-your-deliverability
- MailChimp – https://mailchimp.com/help/about-email-authentication/
- Quickbooks– Have not seen a clear answer to the dilemma.
Looking for a specific software? Email me at email@example.com and I’ll see what I can find. I’m going to keep updating this article as I find more answers.
And, if you need help setting up your authentication, please reach out to me at firstname.lastname@example.org.