When Google and Yahoo announced new requirements for bulk senders this year, there was a big focus on using email authentication protocols. That includes:

1. SPF (Sender Policy Framework)
2. DKIM (Domain-keys Identified Mail)
3. DMARC (Domain-based Message Authentication, Reporting and Conformance)

As it now stands, every sender needs to be using SPF and DKIM, and bulk senders need to implement DMARC with a minimum policy of p=none. Fail to do so and you may not be able to reach Gmail and Yahoo Mail contacts. Encouraging more senders to adopt DMARC has been a top priority for major mailbox providers. This new requirement pushes senders in that direction, and it seems to be working.

Sinch Mailgun’s new report, State of email deliverability 2025, found an 11% increase DMARC usage compared to its previous report. The problem is, a lot of senders only want to do the bare minimum to meet the new requirements. Unfortunately, that means they’re not getting the most out of DMARC.

What is DMARC and what does it do?

Before we get too far, let’s review how DMARC works alongside other email authentication methods (SPF and DKIM).

When used together, these three DNS TXT records are an effective way to stop email spoofing. That’s because they help mailbox providers (like Gmail and Yahoo) verify the identity of a sender before accepting or rejecting a message.

The main purpose of DMARC is to check for both SPF and DKIM alignment and then advise mailbox providers on what to do with messages that fail authentication.

This protects sending domains from unauthorized use while making it easier for receiving mail servers to verify the identity of the sender. That’s why DMARC helps prevent phishing, business email compromises (BECs), and other email scams.

How DMARC works with SPF and DKIM

SPF and DMARC check for different things. Here’s a quick explanation of how they work:

• SPF is a list of hostnames and IP addresses published on your DNS that are approved to send mail for your domain. For example, this may include a subdomain used for sending email or a shared IP your ESP has added you to.
• DKIM verifies the identity of a sender using an encrypted digital signature or private key that matches a public key on a sending domain’s DNS. DKIM also ensures messages are not altered during transit.

DMARC combines the powers of SPF and DKIM into the most effective way to thwart email phishing.

What is a DMARC policy?

After finding out whether SPF and DKIM pass or fail, a DMARC policy informs mailbox providers as to how messages should be filtered when they fail authentication. Email authentication failures may also be described as SPF or DKIM not being aligned.

Senders have three DMARC policy options:

1. p=none – This DMARC policy tells mailbox providers not to do anything with messages that fail authentication. It means potentially malicious email spoofing a domain could land in the inbox.
2. p=quarantine – This DMARC policy tells mailbox providers they should filter messages that fail authentication into the spam or junk folder, preventing them from reaching the inbox.
3. p=reject – This DMARC policy tells mailbox provider not to accept any messages that fail authentication. Failures are blocked from reaching any folder.

DMARC also provides regular reporting to senders on authentication failures and who is attempting to send mail on behalf of their domain. These reports are available with a p=none policy. However, a DMARC policy of none does nothing to make the inbox safer. Sinch Mailgun deliverability experts explain exactly why in the video below:

In an ideal world, you’d only use p=none while you set up and test DMARC implementation. Then, you’d move to a DMARC policy of quarantine or reject to actually enforce the specification. A policy of none does nothing to protect the inbox from bad actors. Protecting their users by making the inbox safer was one of Google and Yahoo’s main objectives. So, why did they choose to require only a p=none DMARC policy? We’ll get to that. First, let’s check out some stats.

Statistics on DMARC policies in 2024

When Sinch Mailgun surveyed senders for its latest deliverability report, it took a closer look at both how senders responded to the new requirements (aka Yahoogle) as well as trends in email authentication practices among senders across the globe.

Among senders who made changes to their email programs to comply with new bulk sender requirements, nearly 80% updated their email authentication protocols. Mailgun also found high awareness and adoption rates for SPF and DKIM with more than 66% of all senders knowing they used both protocols while 25% were unsure and the rest used one or the other.

DMARC adoption is not quite as strong, but there were definite improvements from Mailgun’s 2023 findings. Results show overall DMARC adoptions increased from less than 43% in 2023 to nearly 54% in 2024 with a notable decrease in the percentage of senders who were unsure about DMARC usage.

Of course, smaller senders may not need to comply with this new rule. While DMARC is highly recommended for all senders, it’s only required for bulk senders with daily volumes around 5,000 messages. When Mailgun broke down DMARC adoption by send volume, results show around 70% of higher volume senders use DMARC.

Which DMARC policies are senders using?

Sinch Mailgun’s State of email deliverability 2025 found that p=none is the most common DMARC policy among all senders. While nearly 23% of senders used p=none in 2023, almost 32% were using the policy in 2024. It would appear that a lot of the growth in DMARC adoption came in that area.

So, are all of these senders just in a testing phase after setting up DMARC for the first time? Mailgun’s survey results do not make it look that way.

Among those using a DMARC policy of p=none, a combined 25% say they plan to begin enforcing DMARC with a stronger policy soon. However, nearly 75% of senders using a DMARC policy of none have no plans to update to quarantine or reject any time soon.

More than 61% of senders say they’ll only start enforcing DMARC if mailbox providers make it a requirement. The reality is — that’s exactly what’s going to happen sooner or later.

What Google and Yahoo want for DMARC policies in 2025

The truth is, the DMARC with p=none requirement is only a first step. Mailbox providers just wanted more senders to start implementing DMARC. Once those records are in place, it is very likely that a policy of either p=quarantine or p=reject will be required in the near future (at least for bulk email senders).

In a webinar with Sinch Mailgun, Marcel Becker of Yahoo confirmed this approach saying:

“The end goal is ideally a policy of p=reject. That’s what DMARC is for. Ensuring that your domain cannot be spoofed and protecting our mutual customers from abuse.”

Marcel Becker Senior Director of Product at Yahoo

For more insights straight from Gmail and Yahoo, get key takeaways from Mailgun’s talk with Marcel Becker and Anu Yamunan who is the Director of Product for Anti-Abuse & Safety at Google. You can also watch an Email Camp 2024 panel session with Marcel as well as Google’s Dan Givol.

To be clear… a p=none policy is the minimum requirement. Mailbox providers would much rather have senders enforcing DMARC with a stronger policy.

Want to stay one step ahead of the game? Start enforcing a stronger DMARC policy of quarantine or reject now. It’s worth the time and effort, and not just because it will eventually be required.

The benefits of enforcing a stronger DMARC policy

Some senders hesitate to enforce strict DMARC policies due to fears it may hurt email deliverability. While an incorrectly configured DMARC record or other authentication issues may cause deliverability problems, the truth is that email authentication can lead to better deliverability.

The use of email authentication is a strong signal to mailbox providers that you are a responsible and reliable sender When you’ve got a good email reputation, you are less likely to get blocklisted, less likely to get filtered into the junk folder, and more likely to land in the inbox.

Enforcing a strong DMARC policy is a clear signal that you are working to do the right thing. It protects your reputation as an email sender because it makes it easier for mailbox providers to identify your messages as legitimate and messages from spammers and scammers as malicious.

DMARC benefits for mailbox providers

All major mailbox providers support DMARC. That includes Gmail, Outlook, Yahoo, Apple Mail, and AOL. And as we see with Gmail and Yahoo, it’s important enough to make it a requirement.

For mailbox providers, DMARC provides information about how to filter messages that fail authentication. This is what your domain’s DMARC policy does. When mailbox providers are unclear about how to handle unauthenticated messages, they may lean toward delivering them. That’s because their users would be more upset about not receiving real emails than dealing with spam. This is one reason why potentially dangerous emails sometimes sneak through.

DMARC benefits for email users

For email recipients, DMARC makes the inbox a safer place because it prevents malicious phishing attempts and brand spoofing emails from getting delivered. Specifically, it stops emails with forged information in the “from” field of an email header.

That means consumers have less to worry about when, for example, they open a transactional email from a brand they do business with regularly. Their inbox can be used for important customer communications. Email is a common and popular way for people to connect with brands. Mailgun’s Email and the customer experience report found that around 3/4ths of consumers prefer email for both transactional and promotional messages.

DMARC benefits for senders and email marketers

For email senders, DMARC helps protect brand reputation and also provides valuable reports on the IP addresses that are sending mail on behalf of your domain. This lets you monitor for email spoofing and find out if legitimate emails are encountering authentication issues that impact deliverability. You can set up DMARC so that you get daily reports from servers receiving any emails claiming to be from you.

But more importantly, stronger email authentication helps maintain the integrity of the email channel because it keeps bad actors out of the inbox. It ensures that email continues to be a reliable and useful way to connect.

Try imagining a world in which you could no longer use emails to reach your subscribers, customers, and prospects. Both email senders and mailbox providers want people to keep using email. That’s why Marcel Becker called them “our mutual customers.” Enforcing a DMARC policy isn’t just a good idea, it should be a responsibility. That’s why mailbox providers like Gmail and Yahoo are likely to make p=reject mandatory in the future.

BIMI: The bonus benefit

Another potential benefit of a strong DMARC policy is eligibility to have a certified logo show up on your marketing and transactional emails. This is made possible through a specification known as Brand Indicators for Message Idenfitication (BIMI).

BIMI adds more branding to the inbox experience and there’s evidence it could help increase engagement metrics such as open rates. It could also serve as a sign that the email can be trusted.

That’s because any email that displays a BIMI logo has also been authenticated using DMARC. However, mailbox providers won’t show a BIMI logo unless you’re a DMARC policy of either p=quarantine or p=reject.

What does a DMARC record look like?

There’s more to a DMARC record than just the policy. Let’s take a closer look at the TXT record you’ll need to publish on your DNS server.

When you set up your DMARC policy and create a DNS record, there are up to 11 tags you may use. Only two of those are required: the v tag (version) and the p tag (policy). But you also want to use the “rua=” tag, because it defines the email addresses where receiving mail servers should send DMARC reports.

Here’s a quick explanation of all DMARC tags:

A DMARC record with only the basics will look something like this:

                            

                                v=DMARC1; p=reject; rua=mailto:dmarc-reports@yourcompany.com
                            
                        

The v and p tags must appear first. All other tags can appear in any order.

A somewhat more complex DMARC record might look like this:

                            

                                v=DMARC1; p=quarantine; sp=quarantine; rua=mailto:dmarc-reports@yourcompany.com;
pct=100; aspf=s; adkim=s
                            
                        

If you’re pursuing BIMI implementation, it’s important to know about the values required for a couple of optional tags. As with your main DMARC policy, subdomain policies cannot be set to none (sp=none). Furthermore, the percentage tag must have a value of 100 (pct=100), which means all emails are subject to your DMARC policy.

How to publish a DMARC record

First, set up SPF and DKIM, if you haven’t done so already. Those should be running for at least 48 hours before you set up DMARC.

Then, go to your DNS hosting provider, and follow these steps:

1. Add your DMARC record to your DNS by creating a new record.
2. Use the TXT record type — this will likely be in a dropdown menu.
3. Enter _DMARC in the Name or Host field.
4. Enter the required tag value pairs (v= and p=) as well as any optional tag values needed.
5. Save, or create, the DMARC record.
6. Validate that the DMARC record has been set up correctly by running a DMARC Record Check.

If you start with a policy value of p=none during initial implementation and testing, you should eventually update it to p=quarantine or p=reject.

Setting up DMARC seems pretty simple on the surface, but it can get very technical. So, you may need to ask your IT department for help. There are also vendors that specialize in DMARC implementation.

For example, Red Sift is a cybersecurity company that offers OnDMARC, which is a service that helps out with many factors of email authentication, including BIMI as well as DKIM and SPF configuration. Other vendors who can help with DMARC include dmarcian and PowerDMARC.

The tools to improve email deliverability in 2024

DMARC is just one of several factors senders are thinking about this year thanks to the changes from Gmail and Yahoo. Research from Sinch Mailgun found the biggest benefits of prioritizing email deliverability are improved customer satisfaction and increased revenue.

If you’re ready to get serious about inbox placement, Mailgun Optimize is a complete deliverability suite. It includes reports that tell you if your authentication protocols are working properly. Plus, you’ll also find out if your emails are likely to land in spam, email validation tools, email previews, blocklist monitoring, and more.

The post What DMARC Policy Should Senders Use in 2025? appeared first on Email on Acid.

From signup to inbox placement and everything that happens in between, there’s plenty that can go haywire in the wild world of email. If you don’t put an end to these potential problems, they’ll reduce the email channel’s impact on your marketing efforts and the customer experience.

So, what does your company need to get the most out of email marketing? Let’s look at every type of email testing tool as well as when and why you’d want to use each one.

5 types of email testing tools

If you’re searching for the right email testing tool, you probably have a specific problem in mind. You may want to optimize emails for better performance, ensure HTML email campaigns display correctly, or test factors related to email deliverability.

Each one of these situations requires a different type of tool. Here are the five email testing software we’ll explain in this article:

1. Email address validation
2. HTML email previews
3. Email quality assurance testing
4. Email A/B testing
5. Inbox placement/spam testing

Many of the popular tech review sites like G2 and TrustRadius lump these email testing tools together. It’s time to clear up the confusion so you can find the right fix.

1. Email address validation

Let’s start at the beginning of the email customer journey – the point of signup. That magical moment when a new subscriber decides it’s time to give you permission to email them. In many cases, they’ll opt in through a form on your website.

But what happens if they’re so excited to join your list (hey it could happen) that they accidentally type Gnail.com instead of Gmail.com? There may also be people who just want to get their hands on that free download, and they use fake contact information or disposable email addresses.

Email testing tools that can help prevent bad contact data from landing on your list are known as email address validation or email verification tools.

An email validation service determines whether an address is real by testing to see if it can be reached. There are solutions that validate emails at signup as well as those that verify contacts on your entire list. That’s needed too – because people abandon personal email accounts, graduate from college, and change jobs leaving old addresses behind.

Why it’s important

Besides the obvious reason that sending messages to a non-existent contact is a waste, there are other important reasons to conduct email validation. The biggest relates to your sender reputation and deliverability.

Since there’s no one on the receiving end of an invalid email address, bad contact data could drag down your email engagement rates. Invalid emails also lead to high bounce rates, which is another factor that can hurt deliverability. Mailbox providers like Gmail, Yahoo, and Outlook take notice of low engagement and bounce rates.

Most dangerous of all are spam traps. Sometimes, abandoned email accounts are recycled to catch spammers. If you send to one of these recycled spam traps, mailbox providers may decide to filter your messages to junk or add you to a blocklist.

One way to avoid email verification pitfalls is to implement a double opt-in, which asks new contacts to confirm their intent to sign up. You don’t add them to your list unless they click the link in a confirmation email.

Who needs this type of email testing tool?

If you’re a bulk email sender with a list that is constantly growing with contact data from new customers and prospects, email validation is vital to good list hygiene.

Verifying new contacts at sign up helps keep your list clean, but you should also periodically check your entire list. One solution that lets senders do both is Mailgun Validate.

Using Mailgun’s Email Validation API, you can catch bad addresses in real time – before they get into your database. The tool can even identify common email address typos and suggest a fix. List Validation features let senders verify contact data in bulk. This is useful for regularly scheduled list hygiene or when you may be legimately adding a large number of new contacts.

Unlike other email testing tools for address verification, Mailgun Validate uses real cached send data as opposed to broken SMTP handshake. (Oh, and it’s also super-fast.)

2. HTML email previews

Once upon a time, there was a digital marketer who was blissfully unaware that whilst his emails looked great inside a popular ESP’s editor, they rendered like hot garbage in some of the most popular email clients. (This is a true story about me.)

Most email marketing software shows you how your campaign looks on mobile and desktop, but the real problems come with the way email clients render HTML and CSS. Email rendering differs depending on the inbox provider/client. To get the full picture, we always suggest visiting CanIEmail.com.

Desktop versions of Outlook, for example, are particularly problematic. But Gmail and other providers have their issues too. Even though there’s a new Outlook coming in 2024 that will fix some issues, the old versions aren’t disappearing just yet.

Email previews are screenshots from inside of actual inboxes that show you how an HTML email campaign renders in different clients, devices, and operating systems. These previews help senders find and fix problems like random white lines in Outlook or rendering issues with dark mode emails.

Why it’s important

Brands want their email campaigns to reach inboxes looking as perfect as possible. When emails show up with broken layouts it reflects poorly on the brand. Sometimes the way campaigns are displayed makes emails unreadable. So, rendering inconsistencies can also reduce email engagement.

Who needs this type of email testing tool?

Senders with teams that include an in-house email developer who codes campaigns from scratch will almost always need this type of email testing. Email previews are also an essential test for digital agencies and freelancers specializing in email marketing.

Sinch Mailjet’s report, The path to email engagement 2024, found that 71.5% of global consumers check their inbox on a mobile device. So, emails must be responsive if you want them to look and function properly on smartphones. Mobile device previews help you catch those problems.

Email previews from Sinch Email on Acid include more than 100 of the most popular clients and live devices. That includes dark mode previews. Senders can tailor their email testing profiles for the inboxes that matter most.

There are only a couple players in the email preview game. We won’t mention our competitor, but their name rhymes with Spit-Bus. (Okay, it’s Litmus.) If you’re using a marketing platform that already provides email previews, there’s a good chance they’re using an API to white label one of our services.

3. Email quality assurance testing

Email quality assurance (QA) is a more all-encompassing way to test email campaigns. While rendering issues are one of the biggest challenges of email  development, there are many other things marketing teams should double-check before hitting the send button.

There are the little things like typos and accidental profanities (cuz shit happens). There are also bigger problems like broken links, email accessibility, and blocklists to worry about. Once your campaign reaches inboxes, there’s no taking things back.

Some teams use an email marketing checklist for quality assurance. The problem is, if this process is mostly manual, it leaves lots of room for human error. An automated checklist creates a consistent workflow for pre-send email testing that’s much more dependable.

Why it’s important

While email marketing delivers a high return on investment (ROI), your campaigns need to be optimized for every inbox and every subscriber if you want to get the most out of each campaign.

Customers can’t convert if broken links fail to take them to your landing pages. Accessibility issues could make text unreadable or mobile email CTA buttons untappable. Mistakes in an email marketing campaign do more than damage your brand reputation. Failure to conduct email quality assurance testing also ends up reducing revenue the email channel generates.

Who needs this type of email testing tool?

Whether you’re a recognizable brand or a smaller online store, if you rely on email to drum up business and drive customers to your website, you need to conduct pre-send testing for quality assurance.

At Sinch Email on Acid, our automated workflow is known as Campaign Precheck. It includes spell check, inbox display optimization, basic deliverability checks, accessibility fixes, and more. You can customize your quality assurance process however you want. Of course, you’ll also get unlimited testing including our reliable Email Previews.

Besides being a valuable email testing tool, Email on Acid also helps teams collaborate on review and approval of campaigns with Team Management features.

4. Email A/B testing

While email validation and previews are important tests before a campaign launches, there’s another type of testing that helps senders optimize for performance metrics such as opens and clicks.

Email A/B testing (aka split testing) lets marketing teams experiment with different campaign elements to discover what’s most effective. Subject line testing is just one of many experiments. You find out if subject line A gets a higher open rate than subject line B, for example. You could test CTA button placement, color, or copy. The imagery, headlines, messaging, and offers in your emails are also things to A/B test.

Why it’s important

The purpose of A/B testing is optimizing email design and copy in a way that resonates with your list so you drive email engagement. While you may have opinions about what will work, opinions can be wrong. Even so-called best practices may not be the approach that delivers the best results.

The only way to know for sure is to A/B test email campaigns. The winning variable will often surprise you. That’s why the marketing mantra “Always Be Testing” (ABT) exists.

Who needs this type of email testing tool?

Any email marketer who wants to improve campaign performance and gain a better understanding of their subscribers should take advantage of A/B testing.

Many ESPs will include email testing tools like this as part of the platform. That includes Sinch Mailjet A/B testing, where you can define specific criteria for different tests depending on the metric you want to improve. With Mailjet, you can test up to 10 versions of an email campaign at once.

5. Inbox placement/spam testing

The fifth and final example on our list of email testing tools helps senders avoid one of the most dreaded destinations in all of digital marketing… the spam folder.

Inbox placement refers to your ability to reach recipients’ inboxes rather than being filtered into spam or rejected by receiving mail servers. Inbox placement may also be referred to as seed testing or spam testing tools.

The term “seed testing” is used because test emails are sent to a unique set of email addresses known as seed mailboxes. The seed list does not contain any real contacts. The addresses exist to generate a report on inbox placement. It shows the sender if a mailbox provider is likely to let a message reach the inbox, send it to spam, or block it altogether.

Besides just telling you where emails are likely to land, a good inbox placement report helps senders identify and fix specific deliverability issues. That includes problems with email headers, authentication protocols, and many other possibilities.

Why it’s important

New requirements from Gmail and Yahoo in 2024 have many senders paying closer attention to their deliverability. Sinch Mailgun’s report, Email and the customer experience 2024, found that more than 72% of consumers have a Gmail account while more than 20% use Yahoo Mail. So, if you want to reach people, you’ve got to follow the new requirements.

Understanding how these providers filter your emails helps you catch deliverability issues right away so they can be addressed. With the right inbox placement testing tool, you’ll get an accurate deliverability estimation before your emails go out to recipients.

Who needs this type of email testing tool?

Some emails are more important than others.  For example, if your business relies on transactional emails to keep customers satisfied and business running smoothly, then deliverability of those messages is crucial.

You don’t ever want transactional emails landing in spam. Promotional emails can be important too – especially at certain times of the year such as Black Friday and Cyber Monday.

The truth is, deliverability is the most mysterious part of sending email, and inbox placement testing can demystify many things. The inbox placement reports from Mailgun Optimize are just one of the many useful tools you’ll find in a complete email deliverability suite.

Are there any free email testing tools?

The answer is yes – you will find some free versions of email testing tools around the web. However, the old adages “Buyer beware” and “You get what you pay for” definitely apply here.

For example, many free email validation tools only allow you to check one email at a time. Have fun with that. Free email testing tools that provide spam scores are also very limited. You can test a few emails before you get cut off, and who knows how reliable it is. Free HTML email previews usually provide a very limited number of tests and clients.

You’ll also find plenty of blog posts claiming to list free email testing tools, but they are really showing paid tools that offer free trials.  There’s absolutely nothing wrong with free trials, but if you care about quality and reliability, it’s worth investing in email testing tools you can trust.

Comprehensive email testing platforms

What if you want all the email testing tools? The good news is that some of the solutions we’ve mentioned in this article do provide more than one type of testing.

With Sinch Email on Acid, you get previews and a comprehensive email quality insurance platform that includes basic deliverability checks.

With Mailgun Optimize you get a complete email deliverability suite that includes both email validations and inbox placement tests as well as Email Previews powered by Email on Acid. There’s also blocklist monitoring to help manage your sender reputation and a Google Postmaster Tools integration.

Whether it’s performance optimization, deliverability, or rendering, email can get complicated in a hurry. Thankfully, the Sinch Email brands are here to help clear up confusion with email testing tools that put you on the right path.

The post What Email Testing Tools Do You Really Need in 2024?  appeared first on Email on Acid.

Good list hygiene is important. It supports email deliverability as well as better, more accurate email engagement rates. Invalid email addresses and outdated, unengaged contacts are like stuff stuck between your teeth. But instead of getting cavities, your inbox placement and email performance metrics will suffer.å

We know email marketers are faced with what feels like a never-ending amount of work. But trust us… Email list hygiene makes a difference. In this article, we’ll talk through why email list cleaning is important, how to do it right, and a few steps to take if you need to improve your deliverability.

What is email list hygiene?

Email list hygiene is the practice of managing your email list so that you’re only sending to valid and engaged email addresses. Outdated and invalid contacts are removed. Subscribers who haven’t engaged in awhile can be segmented to a separate list with a lower send frequency or targeted with a reengagement campaign.

Periodic email list cleaning (sometimes called “scrubbing your list”) is part of conducting list hygiene. But good email hygiene also means you’re ensuring your list is always in good shape. Think of it like the difference between flossing right before your dental appointment and flossing regularly.

It’s mainly spammers and irresponsible senders using questionable list building practices that find their lists need scrubbing. We’re here to explain how to

It’s the best way to maintain your engagement and deliverability for your email marketing program, but it’s often an overlooked part of your overarching email marketing strategy.

Why email list cleaning is needed

Your best asset in your email marketing program isn’t fancy coding techniques or eye-catching email designs (though those are both great to have.) It’s your email list.

These are the people who said, “yes please!” to hearing more from you. They’re the ones clicking and buying. Without an email list that contains subscribers who want to hear what you have to say, then you’re just wasting all that time and energy. Refusing to remove (or segment) unengaged subscribers just because they signed up year ago hurts your deliverability in the long run. A clean email list is a more engaged, more high-performing one.

But there are other reasons to clean your list, too. The average mailing list depreciates by about 22% a year because people switch mailbox service providers, change jobs, leave school, and ultimately abandon old email addresses.

You may have accidentally collected a bunch of invalid email addresses, either through typos (like “gmial” instead of “gmail”), fake addresses, or abandoned accounts. If you’re working in the B2B world, you may have outdated contacts from layoffs or job changes.

Remember, quality matters more than quantity. Cleaning your list regularly to keep your spam complaints, bounce rates, and unsubscribes down. At the same time, keep your deliverability rate, click-through rate, conversion rate, and open rate high.

The risks of poor email list hygiene

The real reason to conduct regular email list cleaning? Not doing so can put your email deliverability at risk. Sending daily or weekly emails to inactive subscribers reflects poorly on your sender reputation and it invites spam complaints. Plus, the failure to remove outdated contacts could lead to potential spam traps in your database. Sometimes mailbox providers use fake or abandoned email addresses as a way to catch spammers. These are known as recycled spam traps.

When you’ve got a dirty email list containing spam traps and unengaged subscribers, it has a negative impact how mailbox providers view your reputation as a sender. If thing get bad enough, you could land on an email blocklist, which means your messages get rejected until you take all the necessary steps to get delisted.

When should you conduct email list hygiene?

Some senders ignore email list cleaning, which is a huge mistake. According to Mailgun’s State of Email Deliverability survey, a combined 38.7% of senders in the survey rarely or never conduct list hygiene.

Just over a quarter of respondents cleaned their list on a monthly basis, which is a great habit. We recommend at least twice a year, if possible. That’s if you’re following good list building and segmentation practices throughout the year.

There are, however, a few other situations in which it’s a good idea to clean your email list:

1.   You’re switching ESPs, CRMs, or CDPs

Switching your email service provider (ESP), customer relationship management software (CRM), or customer data platform (CDP) comes down to data. It’s a great opportunity to clean your list and make sure you’re porting over only the contacts that actually want to be part of your list to your new email database. It’s also a good time to create a reactivation campaign.

And before you gather your data with a CDP, you’ll want to ensure that you maintain updated and accurate data. Whether you’re new to your role and inheriting a bunch of data sources that need to be organized, or you’re ready to discover new segments, build models, and deliver real-time personalization, cleaning your list should be high up on your to-do list.

2.   You get an influx of new contacts

Any time you gather new email addresses, it’s crucial to verify those contacts to make sure they are legitimate. Here are some reasons you may suddenly get a bunch of new email subscribers:

• You host a webinar or virtual event.
• You hold a contest or special promotion requiring an email opt-in.
• You collect email addresses at an in-person event/conference.
• You acquire a company along with their contact database.
• You conduct a co-marketing effort and share leads.
• You launch a new product that garners a lot of attention.

There are so many questions that you may not have the answers to, like “how did these emails come to the list?” “Are they purchased?” “When was the last time the list was cleaned?” “Is this a bulk email list with disengaged subscribers?”

Whether it’s from a shared list after a partner marketing event, a new role within your company, or after going through a merger, make sure you evaluate your list. (This is also where we repeat a crucial piece of email marketing advice: Don’t purchase an email list. Ever.)

The best way to answer these questions is to clean your list to verify valid email contacts before you send them any messages.

3.   You have a high email bounce rate

There are two kinds of email bounces to watch out for in your deliverability metrics: Soft bounces and hard bounces. Soft bounces happen because of a temporary issue, such as a downed server or full mailbox, while hard bounces happen because of a permanent issue, like an invalid email address. Both can impact your deliverability.

If you’re seeing repeated soft bounces from the same few email addresses, suppress them for a few weeks and try again. But you should remove any hard bounces as soon as they happen from your email list to prevent a ding on your sender reputation and deliverability. That’s because hard bounces indicate issues with your contact data and may mean you have too many invalid email addresses on your list.

4.   You’re getting spam complaints

Uh-oh! This can be a nasty one. One reason why you should clear your lists is to avoid spam complaints. If your audience doesn’t want your email campaigns and doesn’t see an obvious unsubscribe button, they might report you as spam.

That’s why proactive list hygiene is needed. You remove people who haven’t opened and clicked in many months to avoid the possibility that they’ll get fed up and mark your message as spam.

Gmail and Yahoo have a 0.1% spam complaint threshold before you’ll start getting filtered into junk. If you’re finding your user-report complaint rate inching up past that, email list cleaning is one step you can take.

5.   Your forms aren’t protected

Sometimes, bots fill out email sign-up forms, and you don’t want bots on your list. You’ve probably got an entire team taking care of your business’s cybersecurity issues, but if you have an unprotected input form, you might be in a bit of a bind.

To ensure that you’re only getting real leads or subscribers through your web forms rather than bad emails, disposable or fake email addresses, spam traps, or typos, you need to put a real-time email validation in place. This will not only help decrease the fraudulent or inaccurate data attacking your forms, but it will also protect your deliverability and sender reputation. Most importantly, cleaning your mailing list will improve your email marketing campaign ROI and create a better customer experience.

6.   Your engagement rates are low

If your open or click rates are consistently low, then it may be time to clean your email list. You know what drags down engagement rates? Unengaged contacts. When you remove or segment those subscribers, suddenly, your email marketing analytics look a lot better. That’s because you got rid of the dead weight that was dragging your metrics down.

Keep in mind, low engagement rates may suggest a bigger deliverability issue at play here. If more emails are landing in spam than the main inbox, your email open rates and clicks will decline too. That’s why a noticeable change in email engagement may indicate inbox placement issues.

5 best practices for email list cleaning

Keeping your email list clean takes dedicated effort, but the positive impact on your deliverability is worth it. Here are a few tools and practices you can use to make your email list hygiene a little easier:

1.   Use double opt-in

More than 50% of senders aren’t using double opt-in, according to Sinch Mailgun’s State of Email Deliverability report. We get it… Who wants to add friction to an acquisition process that’s already an uphill battle? But it’s always better to have a well-managed, slightly smaller email list with more engaged subscribers than a sprawling list of potential spam complaints waiting to happen.

While double opt-in takes an extra step compared to single opt-in, it helps limit the number of spam traps, bots, and human error typos in your mailing list. Plus, it ensures new subscribers truly want to join your list, which is helpful for GDPR compliance.

2.   Make it easy to unsubscribe

If your subscribers don’t want to hear from you, let them go. You should include a clear unsubscribe link in every email. Gmail and Yahoo now require a one-click unsubscribe option in email headers, so it’s time to get on board with easy unsubscribes. (Find out more about using RFC 5058 for one-click unsubscribes.)

If it hurts too much, then instead of just providing an opt-out option on your subscriber preferences page, provide an “opt down” so your subscribers can choose to stay engaged – just not as engaged as before.

In other words, this means your user can choose to receive fewer communications from you – say once a month instead of once a week. Or, they can choose to keep receiving your quarterly email newsletters but not every single promotion or new product announcement. This keeps your subscribers happy and also helps email marketers to segment their mailing list to send appropriate email campaigns.

3.   Use a sunset policy and strategic segmentation

Every email list has engaged and unengaged subscribers. What you do with those inactive subscribers is what matters for your deliverability.

Creating a sunset policy is a way to define what unengaged means for your email program and build a plan to slowly phase those subscribers out of receiving emails from you. That may include a re-engagement campaign (see below!) but it’s also about segmenting your list based on who wants to hear from you and their behavior rather than vanity metrics. According to Mailgun’s State of Email Deliverability, almost 60% of senders don’t use a sunset policy – so there’s a lot of room to improve here.

4.   Run a re-engagement campaign for unengaged subscribers

Sending one final email asking subscribers who haven’t opened your email in 90 days to opt-in to your emails can help you clean your email list by engagement and revitalize your metrics.

Keep it straightforward, like this email from Readymag. Rather than wasting space trying to explain all the reasons why they should stay, this email just asks the question, “Do you want to receive emails from us?” Anyone who doesn’t click should be removed from your email list. Your engagement metrics will thank you.

5.   Automate your email validation

Did you know that on average, up to 15% of email addresses on your list are invalid? Marketing automation is a great way to manage list hygiene and purge invalid, disengaged, or outdated email addresses. Set up rules to automatically segment or remove customers who haven’t engaged for a set time limit or whose addresses have bounced twice or more.

You can also use email validation/verification services to easily identify invalid emails during the opt-in process so those emails never make it to your list and hurt your deliverability in the first place.

Keep your email lists clean with Sinch Mailgun

Deliverability is one of the most challenging (and technical) aspects of email marketing. But with the deliverability solutions from our friends at Sinch Mailgun, it gets a little easier and a lot clearer.

Mailgun Validate is built to support optimal email list hygiene. Use it to bulk verify your entire list, identifying invalid contacts to remove before you hit send. You can also verify email addresses in real-time using the Mailgun Validate API with your forms to catch invalid contact data at the point of sign up.

For a more comprehensive email deliverability solution that includes email validation, check out Mailgun Optimize. This complete deliverability suite also provides blocklist monitoring, inbox placement reports for spam testing, and more. You can event integrate Mailgun Optimize with Google Postmaster Tools and Microsoft SNDS to monitor your reputation with major providers.

Don’t leave deliverability and good list hygiene to chance. Use the best tools to be sure the job’s done right.

The post Email List Cleaning Best Practices to Improve Your Deliverability appeared first on Email on Acid.

Email fraud is a big problem, especially when it comes to issues like email spoofing. Protecting the safety of email recipients is important to mailbox providers and it should matter to you as an email sender too.

Email marketers like you want subscribers to trust that campaigns are safe to open, and you want the email channel to continue being a place where brands and customers can connect. Starting in 2024, all senders will need to have email authentication protocols in place if they want to reach people using major services like Gmail and Yahoo Mail.

But when you start hearing about protocols like SPF, DKIM, DMARC, and BIMI, not to mention other acronyms like SMTP and MTAs, it can feel like you’re wading through a bowl of alphabet soup. Don’t worry. This guide will shed some light on what you need to know and point you in the direction of how to set up email authentication protocols correctly.

Email authentication protocols are unsung heroes working behind the scenes to verify that senders are who they claim to be before emails reach inboxes. Implementing these verification methods not only shows responsibility but also improves email deliverability.

The protocols can get pretty technical, and all the acronyms might remind you of a bowl of Alpha-Bits cereal. But let’s start by exploring the basics.

What is email authentication?

Email authentication is the process of using multiple methods to ensure that messages are not faked or forged before they get delivered. Mail servers on the receiving end use email authentication protocols to verify the sender name in the “from” field and other information located in the email header.

These protocols also check to make sure emails weren’t altered in transit, and they inform mail servers what to do with messages that fail authentication.

Email authentication protocols protect us from spam and phishing attempts, especially a type of phishing known as email spoofing. Here’s a quick explanation of the main protocols and specifications connected to email authentication:

• Sender Policy Framework (SPF): A list of sources that are approved to send mail on behalf of your domain.
• DomainKeys Identified Mail (DKIM): A combination of public and encrypted keys used to verify the identity of a sender before a receiving mail server accepts a message for delivery.
• Domain-based Message Authentication, Reporting and Conformance (DMARC): A specification that checks for SPF and DMARC alignment before informing receiving mail servers how to handle failures. DMARC also provides reports on email traffic to senders.
• Brand Indicators for Message Identification (BIMI): An email specification that enables senders to have a verified logo displayed at the inbox level when they are enforcing DMARC.

All these email authentication protocols and specifications are DNS TXT records that mailbox providers and receiving mails servers refer to when deciding whether to accept your message for delivery and whether it should be filtered into spam or reach the inboxes of their users.

Email authentication protocol requirements in 2024

When Gmail and Yahoo announced new requirements for bulk senders that began rolling out in February, the biggest change of all was about using email authentication protocols.

For a long time, SPF, DKIM, and DMARC were strongly recommended but not required. That’s not the case any more. In 2024, all senders must be using some form of email authentication. If you are a bulk sender – which generally means sending thousands of emails every day – then you need to be using all three of these authentication methods.

But even if you’re not a bulk sender, implementing SPF, DKIM, and DMARC is a smart move. Mailbox providers are getting serious about stopping problems like spoofing and cutting down on spam.

When Sinch Mailgun surveyed senders for its exclusive report, The state of email deliverability 2023, results showed a significant portion of senders were not using SPF, DKIM, and DMARC, while many others were uncertain of how their emails were being authenticated:

• Using SPF?
  • Yes: 55.4%
  • No: 12.8%
  • Unsure: 31.8%
• Using DKIM?
  • Yes: 58.5%
  • No: 11.1%
  • Unsure: 30.4%
• Using DMARC?
  • Yes: 42.5%
  • No: 18.7%
  • Unsure: 38.8%

These findings suggest there are many senders who need to improve email authentication – or at least check to make sure it is set up. In some cases, your email service provider (ESP) may be authenticating your emails.

For more on what this means, we recommend watching a webinar from our colleagues at Sinch Mailgun. They hosted representatives from both Google and Yahoo to get answers about what senders can expect and what you should do to meet the requirements. Marcel Becker of Yahoo told webinar attendees that the new requirements are really about making sure senders do the things they should already be doing.

What is email spoofing?

Email spoofing involves messages that appear to be from a known or reliable sender, but they are actually an attempt to acquire sensitive data such as access to a person’s finances or online accounts. Email spoofing leads to a fake website with a bogus login page where targets are asked to enter credentials or other information.

These email phishing attempts often try to forge the sender name as well as imitate the look of emails from recognizable brands including financial institutions, social media sites, or online retailers like Amazon.com.

Amazon spoofing is so common the company has its own email address for reporting potential scams and suspicious communications.

Example of an Amazon email spoof

Even savvy internet users can be tricked with email spoofing. Clever scammers often prey on the fear of getting hacked to trick people. That’s why email authentication protocols are so helpful. They keep malicious messages from ever reaching the inbox.

How does email authentication work?

Email authentication involves several possible methods of validating the origin of an email and domain ownership of message transfer agents (MTAs) that were involved in transferring or modifying an email.

Put simply, emails are sent from a certain domain or subdomain. Email authentication protocols are rules located in DNS (domain name system) records for these sending domains. To authenticate an email, the sending mail server and receiving mail server talk to each other, double-checking protocols in the DNS for confirmation of the sender’s identity.

While each protocol is unique, it generally works like this:

1. The sender/domain owner establishes rules for authenticating emails sent from or on behalf of its domains.
2. The sender configures sending email servers and publishes the rules in the DNS records.
3. Mail servers that receive emails authenticate messages from the sender using the published rules.
4. Receiving email servers then follow the published rules and either deliver, quarantine, or reject the message.

In addition to verifying legitimate senders, email authentication protocols also help establish IP address and domain reputation so that malicious senders can be more easily identified.

The four pillars of email authentication

Simple Mail Transfer Protocol (SMTP) is the standard foundation upon which email is built.  It’s what’s used to send and receive messages. However, SMTP doesn’t include a way to validate a sender’s identity, which is what makes it susceptible to spammers and phishing.

Email authentication protocols emerged in the early 2000s as a way to enhance the security of SMTP and thwart the rise of email spam. SPF and DKIM were the first widely adopted methods. DMARC soon followed as a policy to confirm and extend SPF and DKIM. BIMI is the new email specifcation on the block.

These email authentication protocols provide a standardized way for services such as Gmail, Outlook, Yahoo, and Apple Mail to verify the identity of senders as opposed to using separate, proprietary methods to authenticate email.

So, while email authentication might seem complicated, technical, and even a bit messy … these protocols do provide some standardization. Email marketers should be glad we don’t have to follow different protocols for every mailbox provider.

Let’s take a closer look at SPF, DKIM, DMARC, and BIMI.

1. SPF (Sender Policy Framework)

The Sender Policy Framework, or SPF, is an email authentication protocol that provides a DNS record specifying which IP addresses or hostnames are authorized to send email from a domain.

SPF is a DNS TXT entry that enables the receiving mail server to check that an email claiming to come from a certain domain is connected to an authorized IP address. The receiving server does this by looking up rules for the bounce or return-path domain in the DNS record. That is compared to the rules in the SPF record to ensure there’s a match.

Without implementing SPF, mailbox providers are much more likely to mark messages as spam.

In some cases, email service providers (ESPs) handle SPF implementation automatically. That’s because the ESP may provide the IP address and the return path. However, if you send a high volume of email, you likely want to avoid using a shared IP address. A dedicated IP helps you control sender reputation. Keep in mind that if you are on a shared IP address, your SPF record may need to be updated when you switch ESPs.

One of the downsides of SPF is that it won’t work when emails are forwarded. If your brand is one that relies heavily on email word-of-mouth (getting your audience to forward your message), there’s a decent chance of the SPF failing validation and never reaching anyone beyond your list.

2. DKIM (DomainKeys Identified Mail)

The next email authentication protocol is the result of two methods developed to prevent email forgery. In 2004, Yahoo merged its “DomainKeys” with Cisco’s “Identified Internet Mail.”

DomainKeys Identified Mail, or DKIM, uses an encrypted key known as a digital signature. This signature is added to email headers to help verify a sender and associate a message with a specific domain. DKIM also needs to be set up inside a sender’s DNS record.

You can think of DKIM like a watermark or fingerprint that is unique to an email sender. Unlike SPF, DKIM signatures continue working when an email is forwarded.

There are actually two keys that make DKIM work. Administrators generate a public key on the DNS record as well as a private key that mail servers transporting the email to the recipient use to verify authenticity. The private key is the DKIM signature in the email header.

The digital signature lets the MTA or receiving mail server know where information on the public key can be retrieved for authentication of the email. Finally, the public key is used to verify the encrypted key in the DKIM signature. This shows a connection between the email and the sending domain where the public key is located.

As secure as all of this sounds, it’s still possible for hackers to get a hold of DKIM keys and use them to impersonate a sender. For that reason, it’s recommended that DKIM keys are changed a few times per year.

According to a 2015 article on CircleID.com, some ESPs may share DKIM signatures among customers. That’s no good because a compromised digital signature could impact a bunch of companies at once. Hopefully, this issue is no longer as widespread as the article states. But, if your ESP is providing your DKIM signature, it’s a question that’s worth asking.

If you need to produce your own digital signature, there are DKIM generators that help create these email authentication records for you. You can also learn more about DKIM signatures and see an example record here on our blog.

3. DMARC (Domain-based Message Authentication, Reporting, and Conformance)

It was actually PayPal that led a group in developing DMARC technology to improve upon existing email authentication methods. PayPal was (and is) commonly impersonated by cybercriminals using fake emails. Several other big brands as well as major mailbox providers immediately adopted the method.

Technically, DMARC isn’t an email authentication protocol so much as a policy that mail servers on the receiving end refer to before delivering an email. DMARC helps determine how to handle a message when it fails authentication.

This policy, also known as Domain-based Message Authentication, Reporting, and Conformance, is yet another record that is published in the DNS. It specifies whether a sending domain is using SPF, DKIM, or both protocols for authentication. DMARC is often described as a way to get the best out of SPF and DKIM because it creates a common framework using both protocols

For many people, missing an important, legitimate email is even worse than letting spam get through to their inbox. Real emails can sometimes fail DKIM and SPF authentication for various reasons. So, mailbox providers may let emails through if they don’t pass the test but appear to come from a legit sending domain. DMARC makes it more clear what to do.

A DMARC policy allows senders to create a framework that defines its email authentication methods and dictates how to handle messages that violate the policy. There are three options domain owners can choose to specify the treatment of emails that fail DMARC validation:

The three DMARC p= policies:

1. p=none: Take no action. Treat the email as if there were no DMARC validation. This policy also helps gain an understanding of the email stream without impacting flow.
2. p=quarantine: Accept the email but send it to a junk or spam folder instead of the main inbox. Or, isolate the suspicious message for further inspection.
3. p=reject: Stop delivery of the email to any folder. The sender will be informed why the email is not getting delivered.

A DMARC policy that rejects unvalidated emails is the strongest, but it can mean email from a domain stops flowing if for some reason SPF and DKIM are failing.

A benefit of implementing a DMARC policy is that senders get regular DMARC reports, which provide the following information:

• Which servers and third parties are sending mail for your specified domain.
• The percentage of emails that pass DMARC.
• What servers or third parties are sending emails that failed DMARC.
• What actions receiving mail servers take on unauthenticated emails.

DMARC still isn’t perfect. Like SPF, it can break during email forwarding. DMARC may also be difficult for senders to set up, and concerns over stopping the flow of legitimate emails discourage stringent policies.

However, if your organization manages to set up and implement a successful DMARC policy, you’ll have an effective way to stop most phishing emails that attempt to spoof your sending domain.

DMARC policy requirements in 2024

Gmail and Yahoo’s new requirements for bulk senders require the use of DMARC along with SPF and DKIM. However, it is acceptable to have a DMARC policy of p=none – at least for now.

The mailbox providers have indicated that this is just the first step towards requiring an enforced DMARC policy of either p=reject or p=quarantine. First, Gmail and Yahoo want more organizations to adopt DMARC. Once the requirement is established, they’ll take things a step further and a p=none policy won’t cut it anymore.

To be clear… a DMARC policy of p=none is not the requirement. It is the minimum allowed at this point in time. As Marcel Becker of Yahoo told senders, enforcing DMARC is a win-win-win situation for mailbox providers, senders, and email recipients.

4. BIMI (Brand Indicators for Message Identification)

BIMI is the latest member of the email authentication family. Gmail and Yahoo are not requiring senders to implement BIMI. That’s because this specification is meant to encourage organizations to adopt all the other email authentication protocols. It’s almost like a reward for having strong authentication methods.

Unlike the other specifications, BIMI results in something your subscribers can see in their inbox. When implemented correctly, BIMI displays a verified, trademarked, brand-designated logo next to messages in the inbox.

The BIMI logo shows an email can be trusted because it means other email authentication methods are in place. It provides subscribers with a signal that an email is indeed authentic. This adds an additional level of trust because, even if scammers manage to get a phishing email delivered, it won’t display a logo.

In order to get mailbox providers to display a BIMI logo, you must have a fully functioning DMARC policy in place with SPF and DKIM records set up. In some ways, BIMI is the payoff for pursuing the other email authentication methods.

Like the other protocols, BIMI is a TXT record tied to a domain’s DNS. But, before you put a BIMI record in place, you need to have a properly formatted logo.

Compatible BIMI logos are SVG files in the shape of a perfect square, which can be cropped into a circle. They require a solid background and should be published via HTTPS. BIMI logo files need to be small and shouldn’t exceed 32kb. Finally, your logo must also be a registered trademark to meet standards.

Google launched a Gmail pilot program for BIMI in 2020. In July of 2021, news broke that Gmail was officially rolling out full support for BIMI. In 2023, Apple announced that it would also support BIMI logos in its Apple Mail client starting with iOS 16. That’s big news because it’s likely that a sizable portion of your list are using either Gmail or Apple Mail. It certainly makes the time and effort of setting up email authentication protocols seem even more worthwhile.

Implementing BIMI should ultimately increase subscriber confidence in the source of your emails. Get more advice, resources, and tools at BIMIGroup.org. You can also hear from two BIMI Group experts in our AMA on Brand Indicators for Message Identification.

Should you use all email authentication protocols?

Short answer? Yes.

You know how they say, “two heads are better than one”? That’s like using both SPF and DKIM. You know how School House Rock and Blind Melon say, “three is the magic number”? That’s like adding DMARC to the email authentication mix.

And as mentioned, you’ll need DMARC to get the most out of both those protocols and to get a BIMI logo to display.

While it could certainly take time and effort, setting up strong email authentication methods is worth it, especially if you have the resources.

Email marketers shouldn’t have to handle email authentication protocols alone. You’ll most likely need to get your IT team or someone esle with technical expertise to help you set up in DNS records. Your ESP may also need to get involved. Colleagues, vendors, or security consultants should be able to help you troubleshoot issues as you work to confirm that email authentication protocols are working correctly.

Who should take email spoofing seriously?

Whether or not you prioritize email authentication depends on how important security is to your brand – and more importantly – your customers.

For major online retailers, financial institutions, consumer tech companies, and others dealing with sensitive personal and business information, email spoofing can be a big problem.

Microsoft regularly tops a quarterly report from Check Point, a cybersecurity firm that lists the brands most often spoofed in phishing attempts. Other regulars on the phishing brands list include major banks like Wells Fargo and Chase. PayPal and Dropbox often make the list as do social sites like LinkedIn, Instagram, and Facebook. Email spoofing even targets kids using the online game Roblox.

However, you don’t have to be a gigantic company to get spoofed by scammers. An article from Kelly Sheridan on Dark Reading says criminals are now using smaller brands for email spoofing.  In fact, that includes Check Point, the cybersecurity company that publishes the brand spoofing list. Sheridan writes:

The Federal Trade Commission (FTC) has more info on what to do if your business is spoofed.

The benefits of using email authentication protocols

If you’re on the fence about email authentication protocols, or you need a way to convince others in your organization that it’s worth implementing, here are the key advantages:

1. Protect your customers and subscribers

It may not be your direct responsibility to stop email spoofing from fooling people, and it’s unlikely you’d be held liable for a customer who gets scammed. However, the fact that email marketers can do something means we should.

Even though a phishing scam isn’t your fault, that may not be how your customers perceive it. Certainly, customers who are scammed by email spoofing of your brand could become very hesitant to open and engage with legitimate emails from you. Which leads to the next benefit …

2. Protect your brand reputation

In a world where everyone faces cybersecurity threats daily, brands that have a reputation for being safe and secure are trusted.

Phishing emails exploit trust in your brand. If you can stop these malicious messages from reaching inboxes, you’re also stopping the erosion of trust. Email authentication protocols are tools you can use to stop phishing and protect your brand’s reputation.

Speaking of reputation, email authentication also helps you establish a strong sender reputation. That leads us to benefit number three …

3. Support email deliverability

Email authentication can have a direct impact on inbox placement. When mailbox providers can confirm the source of an email and the identity of the sender, it can be confidently delivered to inboxes.

On the other hand, failure to implement email authentication protocols increases the likelihood of legitimate communications landing in spam or getting rejected by mailbox providers. Email authentication is one of the most effective ways marketers can support email deliverability and a good sender reputation.

Manage email deliverability with Mailgun Optimize

Email authentication protocols are just one aspect of the complex and nuanced practices connected to deliverability. But achieving inbox placement doesn’t have to be a total mystery. With the right partner, you can gain the visibility you need to avoid spam, stay off email blocklists, and maintain a good sender reputation with mailbox providers.

Mailgun Optimize is a complete email deliverability suite. Here’s just some of what it can do:

• Reputation Monitoring: This feature monitors blocklists while helping you avoid spam traps. It integrates with both Google Postmaster Tools and Microsoft SNDS so you can keep an eye on your sender reputation with these important providers.
• Inbox Placement Reports: This solution provides reporting that lets you know where emails are likely to land – before you hit send. You can also use this feature to ensure your email authentication protocols are properly configured.
• Email Validation: Verify every contact in your database or set up email verification on sign up forms to maintain good list hygiene.

While email authentication can get technical, there’s no denying the fact it’s worth the time and effort to get things working. Now that Gmail and Yahoo are requiring authentication, there’s no excuse. Make sure you know if and how your messages are authenticated in 2024.

The post Email Authentication Protocols in 2024: Your Guide to SPF, DKIM, DMARC, and BIMI appeared first on Email on Acid.

For one thing, you need the right email infrastructure to get messages delivered from one server to another. You need to think about email authentication protocols that verify you as the sender. You’ve got to validate emails and keep your list clean. There’s also your sender reputation and email blocklists to worry about.

People in the know will tell you email deliverability is all about achieving inbox placement. That doesn’t just mean getting mailbox providers like Gmail or Yahoo to accept your message. Your delivery rate is only the beginning of the story. Technically, even emails that end up in spam are “delivered.” So then, you might think you’ve achieved ultimate deliverability success when you reach the inbox.

We’re here to suggest that’s not entirely true. Allow us to explain…

Consider the condition of your deliveries

Have you ever received a package that looked like it went through hell and back before it reached your house? Worse yet, maybe you opened it up and found the contents inside were destroyed.

It doesn’t happen often, but when it does, you probably think back to the opening of the classic ‘90s comedy Ace Ventura: Pet Detective. Jim Carrey really did a number on that package.

Broken email campaigns could also show up in subscribers’ inboxes looking like a pile of garbage. But it’s not because of an undercover pet detective. It’s because of a little thing email geeks call client rendering inconsistencies.

That’s why we think the very last step in email deliverability is ensuring that your campaigns render the way they’re supposed to. This may be much easier said than done.

Facing the email rendering nightmare

So, what is email rendering anyway? It’s basically the way different email clients process and display your designs (or don’t display them as the case may be).

You see, various email clients have varied support for HTML and CSS. What looks pixel perfect when opened with Apple Mail looks frighteningly horrible in desktop version of Outlook, for example. It’s similar to how good old Internet Explorer (R.I.P.) wouldn’t display web pages in the same way as other browsers.

The only difference is, there are even more challenges in email development compared to web development. The people who code their own emails for a living are painfully aware of this. However, if you’re a digital marketer without that expertise, you may have been blissfully firing off campaigns and newsletters without any idea that there could be problems on the other end. (Confession: I was one of them.)

Sorry to burst your bubble. But email client rendering inconsistencies are a real challenge. Check out the website Can I Email to get all the dirty details about what works and what doesn’t.

Sinch Mailjet’s Inbox Insights study found that inconsistent rendering was one of the biggest design and coding challenges for email teams. It was second only to struggles with responsive email development.

It happens because different clients have their own rendering engines. Apple Mail and others use WebKit to render HTML emails. Gmail has its own way of doing things (of course). And desktop versions of Outlook have been using Microsoft Word to render emails. Yikes, right?

Thankfully, that’s changing with the new Outlook, but don’t expect email rendering problems to disappear any time soon.

The worst-case scenario for email rendering

A lot of email rendering issues aren’t the end of the world. Things like seemingly random white lines in Outlook may not look professional, but your subscribers can still engage with the content. Gmail may not support the web font your brand prefers, but that doesn’t change the message.

However, there are also rendering issues that can turn your big email campaign into a major missed opportunity. For example, color inversion in dark mode emails could cause it to be completely unreadable because the text disappears into the background. Likewise, interactive emails with fallbacks that don’t show up won’t get good engagement at all.

Delivering a broken email that your subscribers can’t engage with is almost as bad as ending up in spam.

That’s why marketing teams who are serious about getting things right always conduct email quality assurance (QA). This process includes checking out email previews on different clients and devices as well as other steps that help you avoid costly mistakes and broken emails.

How to know more before you hit send

Here are two things email marketers should wonder about before they launch a campaign:

1. Will this campaign reach the inboxes of our subscribers or land in spam?
2. Will it look and function the way it should when it gets there?

Here’s some good news… The answers to these questions don’t have to be a complete mystery. There are two types of testing that let you see into the future. They are inbox placement testing and email pre-deployment testing.

Inbox placement testing

Also known as seed testing, an inbox placement report uses seed mailboxes to test how inbox providers like Gmail and Yahoo are likely to filter your campaign.

That’s right. While these reports provide information on literal inbox placement for current campaigns, they can also help you accurately predict deliverability before a campaign is launched. Be aware that not all these services are created equal. You want to find one with a wide variety of seed mailboxes for the highest degree of accuracy.

Find out more about these reports and how the inbox placement rate is calculated.

Pre-deployment testing

Also known as pre-send testing, this process is used to preview the way different email clients, devices, and operating systems display your campaign.

Much like seed testing for inbox placement reports, pre-deployment testing involves sending your email to a variety of mailboxes. After that, a collection of screenshots from those mailboxes is sent back to you so you can preview the way they’ve rendered.

This allows email marketers to catch layout problems and inconsistent rendering before they hit send. Then the email team can adjust the code or swap design elements to ensure the best experience possible is delivered to every subscriber on the list.

Email optimization solutions from Sinch

Here at Sinch Email on Acid, we offer a total solution for email quality assurance. While the Email Previews are a key feature, you’ll also benefit from things such as email accessibility checks, spell check, inbox display previews, and more.

With the Email on Acid platform, you can design your own workflow for pre-send email testing, That includes selecting the clients and devices on which you want to view campaign previews. Think of it as an automated email marketing checklist.

If you’re looking for a solution that helps with email deliverability from start to finish, check out Mailgun Optimize. This is a complete email deliverability suite from Sinch Mailgun.

Mailgun Optimize provides solutions for monitoring blocklists, inbox placement testing, and list hygiene. The suite also provides comprehensive email previews powered by Sinch Email on Acid. You can use both Mailgun Optimize and Email on Acid with any email service provider (ESP).

Whichever option works for you, you’ll gain a ton of confidence knowing your emails make it to the inbox and look good when they’re opened.

The post Email Rendering and Deliverability: How to See the Future in the Inbox appeared first on Email on Acid.

Updating your organization’s contact data is always a good idea. But if you haven’t been paying attention to your B2B email list recently, you may want to take a closer look at the situation. Recent events could mean your list is full of bad data and invalid contacts.

If you don’t take care of things soon, it could have a negative impact on your email deliverability.

Do B2B senders conduct list hygiene?

Last year, our colleagues at Sinch Mailgun surveyed senders around the world and published the results in “The state of email deliverability 2023.” When asked about their list hygiene practices, the majority of senders claimed they do it at least a couple times per year, which is the recommended minimum.

However, 38.7% of senders said they Rarely or Never conduct email list hygiene. That’s a concern.

When we look at B2B senders only, results were slightly lower with 38.2% saying they Rarely or Never practice list hygiene. But that’s nothing to celebrate. The truth is, B2B email list hygiene should probably take place more often than it does for B2C senders.

Here’s the reason why… Consumers don’t switch personal email addresses very often. However, people abandon work email addresses all the time. They get new jobs, get laid off, retire, or maybe their employer gets acquired. If you’ve been paying attention to the headlines, you’ve probably noticed there’s been a lot of moving and shaking in the world of work. Let’s take a closer look at what that means for your B2B email list.

3 reasons why it’s time for B2B email list hygiene

The nature of B2B email marketing requires senders pay close attention to the health of their contact data. Because cold emails from sales are a common tactic, sometimes contact lists end up including people who never opted in. But that’s another story…

Here are three reasons why your list of legit B2B contacts may have an unhealthy amount of outdated and invalid email addresses that you need to clean up ASAP.

1. The Great Resignation

Also known as “The Big Quit,” the so-called Great Resignation was a workforce trend that took place toward the end of the COVID-19 pandemic. In 2021, employees started quitting their jobs en masse as the hot labor market offered opportunities to find greener pastures in roles at new companies.

The dip in the chart below indicates the start of the pandemic in 2020. That’s when people were hunkering down and staying safe in the jobs they had. Then, as things opened back up in 2021, resignation levels returned to normal and kept climbing. Those levels remained higher than pre-pandemic numbers into the first half of 2023.

As people left behind their old jobs, they also left behind old email addresses. So, if you’re among the nearly 40% who Rarely or Never clean their B2B email lists, there’s a good chance you’ve got a lot of invalid addresses that are doing nothing for you but dragging down your email engagement metrics.

2. Tech layoffs

While plenty of people quit after COVID, many tech workers were dealing with the opposite situation. They got laid off. Many technology companies did a lot of hiring and growing during the pandemic as demand for their products and services surged.

During the lockdowns, there was higher consumer demand for things like online shopping and streaming services (Netflix, Amazon, Spotify). There was also higher B2B demand for tools that helped businesses with things like customer communication and digital transformation (Microsoft, Salesforce, Twilio, Zoom).

What goes up must come down. Over-investing and over-hiring during COVID led to many tech workers looking for new jobs. According to TechCrunch, the tech industry lost more than 240,000 jobs in 2023 alone. That’s around 50% more than 2022, and the layoffs are still coming in 2024.

The good news for tech workers is that the job market is still strong. The bad news for B2B senders who market to people in tech is that your lists may be in desperate need of validation.

3. Google’s inactive account purge

In May of 2023, Google announced it planned to update its policy on inactive accounts. When people stop using their accounts, they’re more likely to be compromised and used by bad actors for bad things like phishing scams and spamming.

In December, Google started deleting accounts that have been inactive for two years or more in a phased approach that will continue in 2024. Of course, that means inactive Gmail addresses are disappearing too.

Now, you’re probably wondering what personal Gmail accounts have to to with B2B email list hygiene. While it’s true that the purge does not impact Google Workspace accounts, it may also be true that your B2B list includes personal Gmail addresses.

If your signup forms exclude personal emails, this may not be a significant concern. However, if you allow personal Gmail addresses from B2B contacts, there’s a good chance people have been using them to subscribe. For example, what if people sign up for your newsletter or fill out a form for gated content using a personal email address they don’t check regularly? This is a common behavior when someone wants to avoid an onslaught of marketing emails from a business they’re not really interested in.

New bulk sender guidelines in 2024

Inactive account deletion isn’t the only change from Gmail impacting deliverability. Both Gmail and Yahoo are enforcing new sender guidelines you need to know about.

How list hygiene impacts inbox placement

Maybe you’re wondering, “What’s the big deal?” Does having outdated or invalid email addresses on a B2B list really matter? How could it hurt? I mean, you’re not bothering anyone.

Here’s the reality… Failing to regularly conduct B2B email list hygiene will eventually decrease your chances of reaching the inbox and increase the likelihood you land in spam.

Mailbox providers like Gmail, Yahoo, and Outlook are judging you as a sender. It’s called your sender reputation, and email engagement plays an important role in how your sender reputation is scored. When your engagement rates are low, it’s a sign to mailbox providers that your messages are unwanted, and maybe they should end up in the junk folder.

One thing is for certain, if there’s no one behind an email address to open and click, they’re not engaging with your B2B emails. What’s more – mailbox providers may also use abandoned email accounts as spam traps. If you’re trying to deliver emails to these addresses, your sender reputation will definitely take a hit.

Signs your B2B list needs cleaning

There are a couple of key metrics that could indicate you’ve got a B2B list hygiene problem:

1. Decreased open rates: If your email opens have been on a steady decline, it may not be your subject line strategy. Falling open rates can be a sign of deliverability issues. A lack of good list hygiene could have email servers sending more of your messages to spam – where they don’t get opened.
2. Increased bounce rates: One of the reasons an email bounces is that the account no longer exists. That kind of permanent failure is known as a hard bounce. If you see your hard bounce rate is higher than normal, it may be time to conduct some list hygiene.

Sinch Mailgun’s report on deliverability also found a significant percentage of senders were using questionable list building practices. If your organizations has ever purchased a list of contacts or used software to scrape the web for emails, a good list cleaning is a very good idea.

A solution for B2B email list hygiene

Are you a B2B sender who’s worried that your list contains outdated contact data and invalid addresses that are doing damage to your sender reputation? What you need is a tool for email validation that verifies whether addresses on your list are being used or not.

Allow us to introduce you to Mailgun Validate. While you can find an entire suite of deliverability tools through Mailgun Optimize, you can also take advantage of one of that product’s most powerful features – a standalone solution for email validation. And you can use Mailgun Validate no matter who your email service provider (ESP) might be.

Not only can you use this tool for email list validation, it can also help you keep invalid addresses from getting on your list in the first place. Integrate Mailgun Validate’s Email Validation API with your sign up forms to prevent typos and keep disposable emails and spam traps off your list.

Find out if your B2B email list is in need of better hygiene today. You can preview your list health for free with Mailgun Validate.

The post Why Now is a Good Time for B2B Email List Hygiene appeared first on Email on Acid.

Email deliverability can be complex and a bit mysterious. But if you fail to focus on it, all your investments in email communication could fall flat. The bottom line? You’ve got to get emails delivered if you want email marketing efforts to deliver results.

Keep in mind, some of the emails you send are much more than marketing promotions. They could contain important information about online orders, password resets, shipping updates, and account creation. You definitely don’t want those messages getting blocked by mailbox providers or landing in the junk mail folder.

The email deliverability experts from Mailgun Optimize are here to help. We’ve put together this comprehensive guide to boost your chances of getting delivered to every contact on your list. In this guide, we’ll cover everything from spam traps and email authentication to email verification and sender reputation.

Let’s get started…

What is email deliverability?

It’s as simple as it sounds, but things can get complex very quickly. Email deliverability focuses on methods that help messages land in the inbox rather than being blocked or filtered into spam folders by mailbox providers.

The mailbox providers or inbox service providers (ISPs), which include Gmail, Outlook, Yahoo Mail, AOL, and Apple Mail, are the main gatekeepers. If they don’t trust you as a sender or think you’re up to something suspicious, they may choose not to deliver your emails (or at least send them to junk).

Mailbox providers want to serve their users, which means prioritizing recipients, not senders. On the one hand, they want to make sure people using their services get all the messages they need and expect. On the other hand, if it can be helped, mailbox providers don’t want to let spam and phishing attempts into anyone’s inbox. Either of these missteps erodes trust among users who may switch to a different email service.

So, to put it plainly, email deliverability involves following a set of best practices that prove you are a responsible sender and not a spammer or a scammer. That often means doing what’s best for your subscribers while helping mailbox providers identify your legitimate messages so they can sort the good from the bad.

How is email deliverability measured?

There are a few metrics that reveal whether your email deliverability is strong or in poor shape. You can use these indicators to determine the overall health of your email program. They include:

• Bounce rate
• Delivery rate
• Inbox placement rate

Let’s take a closer look at each one.

Bounce rate

An email bounces when it fails to be delivered, which could happen for a variety of reasons. There are two different types of email bounces:

1. Hard bounces

A hard bounce occurs when there is a permanent delivery failure, which may indicate a serious email deliverability problem. Namely, it could mean that the receiving email server decided to block your message.

Other reasons for a hard bounce include:

• Fake email addresses
• Typos in email addresses
• Nonexistent domain name in the email address
• Invalid emails from a purchased list

If you have a high number of hard bounces, it could lead to getting blocklisted, which is something we’ll address later. If you have a smaller number of hard bounces, it’s likely related to having some invalid emails. However, it’s important to remove those contacts from your list as soon as possible to protect your reputation as a sender.

Some email service providers (ESPs) will do this for you, automatically adding invalid emails that return a hard bounce to a suppression list.

2. Soft bounces

A soft bounce indicates a temporary email deliverability problem. It’s less serious than a hard bounce but is still something you’ll want to keep an eye on.

Common reasons for soft bounces include:

• The contact’s email inbox is full.
• The size of the email is too large to be delivered.
• The contact’s email server is down/offline.
• Mailbox configuration issues.

You can try re-sending to email addresses that result in soft bounces. But if it continues to happen, those contacts should be removed from your list.

While an ideal bounce rate varies depending on a number of factors, in general, you’ll usually want to keep your bounce rate below 1%. That includes both hard and soft bounces.

Delivery rate

Even though you’ll hear the term thrown around in email marketing circles there’s no such thing as a “deliverability rate.” What those marketers are actually talking about is the delivery rate.

The delivery rate measures the percentage of emails that make it to recipients’ mailboxes. That means any folder: the inbox, spam, promotions tab, etc. It counts any email that didn’t bounce.

So, let’s say you send a campaign to 100,000 email addresses. If 5,000 get blocked, another 5,000 bounce, 10,000 go to spam, and 70,000 land in the inbox, your delivery rate is 80% (not 70%). That’s because even the emails that landed in spam were technically delivered. As long as the message didn’t bounce or get blocked, it counts toward the delivery rate.

You should aim for a delivery rate of 95% or higher. For comparison, users of Sinch Mailgun have an average delivery rate of 97.4%.

Inbox placement rate

A more precise way of measuring email deliverability is to monitor inbox placement. This looks at the percentage of messages that actually made it to the main inbox. So, it excludes anything that’s quarantined to spam or delivered to other folders instead.

In the Mailgun Optimize graphic below, this sender is getting an amazing 97.9% inbox placement rate while just 0.6% of emails are going into spam. The rest are marked “Missed,” which is likely because of invalid addresses that bounced or failed to reach the inbox for another reason.

Besides measuring what happens after emails are sent, you can also predict inbox placement, which gives you a better idea of email deliverability ahead of time. That means you’re able to address deliverability issues before you hit send. Find out more about the inbox placement solutions from Mailgun Optimize.

There are other deliverability metrics you should monitor, such as spam complaints and unsubscribes, but these don’t exactly measure deliverability. Instead, they could cause deliverability issues if they get (and stay) too high.

What causes email deliverability issues?

There are plenty of reasons why an email doesn’t get delivered. But let’s check out some of the biggest email deliverability pitfalls that hurt your chances of landing in the inbox. When your deliverability metrics are looking bleak, this is where to start looking for problems.

Spam traps

If you’ve bought a list, rented one, or scraped the internet to gain contacts, there could be imposter email addresses hiding in your list. That’s because mailbox providers and other entities plant traps to catch potential spammers. And if you built your list in a shady way, you are spamming those people.

Basically, a spam trap is an email address that never was or is no longer connected to a real subscriber, which suggests you’re collecting contacts in a deceptive or illegal manner. There are a few different types of spam traps:

1. Honeypots or pristine spam traps

Pristine spam traps are email addresses made for the express purpose of catching spammers. They are fake contacts hidden around the web. If they end up on your list, it’s a clear sign that you’re a spammer who either purchased contacts or has been scraping the internet for email addresses.

They’re also often called “true traps” or “honeypots” because they attract spammers like bears are attracted to pots of sweet honey. Mailbox providers, cybersecurity firms, and blocklist providers place these fake email addresses where spammers are likely to find them. So, those who try to harvest contact information for spamming end up getting caught when they send to a spam trap.

Honeypots have never been used as a real email address. That means there’s almost no possible way one could end up on your list unless you really are a spammer. In that case, it’s time to clean up your act if you want to improve email deliverability.

2. Recycled spam traps

When someone abandons an old email address, because they leave a job or school or just stop using it, that could become a recycled spam trap.

Mailbox providers sometimes repurpose old email addresses to catch senders who acquire contacts illegitimately. Of course, in this case, it may be that you haven’t removed those inactive contacts from your list yet. So, recycled spam traps aren’t as serious as pristine spam traps. But they can still hurt email deliverability.

If you continue sending emails to a recycled spam trap, this could eventually get you added to a blocklist or cause your emails to land in the junk folder. Plus, if those old email addresses predate GDPR, you could be fined for failing to obtain consent.

3. Typo spam traps

The least offensive spam trap involves common spelling errors and typos in an email address.

For example, maybe a user typed in gnail.com instead of gmail.com when subscribing to your newsletter. Or maybe someone jotted down their contact info at a convention or point of sale and it was tough to read their handwriting. Typo traps may not impact deliverability immediately, but if you don’t clean them up, your bounce rate will increase which will eventually cause problems.

The best way to avoid spam traps is to verify email addresses upon collection, which is a standard feature of Mailgun Optimize’s deliverability suite. You can also try bulk verifications for a large group of contacts to help clean your email list.

Spam complaints and unsubscribe rates

Back in the early 2000s, AOL became the first mailbox provider to give recipients the opportunity to mark emails as spam. Today, the report spam feature is part of every email inbox, and it’s what makes up the complaint rate metric.

A complaint rate that’s under 0.1% is considered acceptable. The industry standard, however, is to have fewer than 0.02% of your messages marked as spam. That is pretty minuscule.

Sometimes recipients mark legitimate emails as spam. They may simply be tired of hearing from you. Maybe you’ve been emailing them a bit too much and they want to unsubscribe. For that reason, make sure there’s an easy and obvious way to let subscribers opt-out of your emails. Losing a few subscribers is way better than a high spam complaint rate (especially when you’re not really spamming).

However, an unsubscribe rate can certainly be too high and have a negative impact on email deliverability. If mailbox providers see that lots of people don’t want to hear from you anymore, that’s a signal that you may be acting like a spammer. It’s not uncommon to see a few unsubscribes with every campaign. But your unsubscribe rate should be no more than a fraction of a percent.

If you start to see an unsubscribe rate near 0.5%, that’s a good time to clean your list to remove inactive subscribers and try to increase email engagement with strong subject lines and compelling email content.

Spam scores

There has to be some sort of tipping point when mailbox providers decide a message qualifies as spam. Mailbox providers and spam filters do this by assigning a score to emails, which essentially rates the likelihood of it being spam.

Different filters and ISPs have proprietary methods for assigning a spam score, but they basically work the same way. There are different spam signals that count against your spam score, and after it crosses a certain threshold, the message gets quarantined. In some cases, doing something right may also bring down your spam score.

One of the most popular spam filters is SpamAssassin, which is an open-source solution from Apache. Its scoring process is pretty straightforward. SpamAssassin conducts hundreds of tests to check for factors such as email authentication protocols, suspicious links, invalid message IDs, missing MIME sections, and spammy terms.

A positive score is applied if the test result indicates a likelihood of spam. A negative score or no score is applied if there’s no sign of spam, or you’re doing things right. All those individual test results are added up to create the spam score. The higher it is, the greater the likelihood of spam.

The default threshold for a SpamAssassin score is “5” with a “10” being the highest. The spam filter Barracuda has a similar scoring system. But keep in mind that mailbox providers and system admins can adjust the settings to be higher or lower as well as choose the specific checks they want to run.

 When Email on Acid runs a SpamAssassin test during deliverability checks, we use the default score of “5” to provide a pass/fail result on that particular email.

In addition to the spam testing built into Email on Acid’s Campaign Precheck, Mailgun Optimize users can conduct inbox placement tests using a seed list to get an even more comprehensive report on email deliverability. In the sample report below, you’ll notice that 100% of emails went to spam for some mailbox providers (Outlook and Hotmail). That’s an indication that your domain or IP may be blocklisted by those email clients.

Blocklists

A blocklist (formerly referred to as a blacklist) is a list you definitely don’t want to be on. But it does happen, even to legitimate senders and well-meaning email marketers. Blocklists are databases of sender domains or IP addresses assumed to be transmitting spam. If you’re on the list, your emails may not be delivered to any mailbox provider using that blocklist.

There are two main types of blocklists:

1. Domain-Name System Based Blocklists (DNSBLs): A list of blocked sending domains
2. Real-Time Blocklist (RBLs): Catches offending IP addresses in real time

Vendors like Barracuda, SpamCop and Spamhaus operate blocklists. Plus, mailbox providers like Microsoft Outlook have their own internal blocklists as well. The impact that being blocklisted has on deliverability will depend on the blocklist and how widely it’s used. However, landing on smaller blocklists is still a sign that you’ve got potential email deliverability issues.

It’s worth noting that, even if you end up on blocklist, it’s still up to the receiving mail system to decide if your messages get delivered or blocked. Here’s how Spamhaus explains it:

“Spamhaus does not tell a 3rd-party mail system what to do with an item of email. The 3rd-party mail system asks Spamhaus for an opinion and Spamhaus responds to that request with its opinion. In effect the receiving mail server asks the Spamhaus DNSBL ‘Does this Sender’s IP Address exist on the Spamhaus database?’”

Here’s a diagram of how that works:

How do senders get blocklisted?

You could end up on a blocklist for a bunch of different reasons. They include:

• Spam traps in your contact list
• Too many spam complaints
• A sudden, unnatural jump in the size of your list
• Mail server configuration issues
• Failing to honor unsubscribe requests

There are plenty of other factors, some technical and some policy related. Each blocklist has its own set of criteria, which is why the most effective way to avoid being blocklisted is to follow email deliverability best practices, watch out for technical issues, and act like a respectable, responsible sender

How do you get removed from blocklists?

There are a lot of blocklists around the world, and there’s a good chance your sending domain is listed on at least one or two of them. That may not be a major issue. But it is important to stay off the most used blocklists.

If you do end up on a major blocklist and your email deliverability is impacted, you’ll often receive a notification that indicates the next steps you can take for potential removal.

Many blocklist providers have a defined self-service path to getting delisted. This usually involves sending them your contact information and any comments as to the possible reason for the block. Others will provide a case-specific email address and subject line.

For major DNSBLs like Spamhaus and Spamcop, you can request specifics about the offending traffic and find out why the blocklisting occurred. This helps you target and fix the issue. It will also be helpful when you explain what you’ve done to remediate the problem that got you on the blocklist.

Get more information on blocklist removal from our friends at Mailgun.

Email authentication failures

One of the biggest threats to email security is phishing, which includes a tactic known as brand spoofing. This is when a bad actor tries to impersonate a recognizable brand using fake messages that appear real at first glance. The fake email sends people to a fake (but convincing) landing page where scammers collect sensitive information.

Spoofing can hurt your brand reputation, and mailbox providers want to block these emails to protect recipients. That’s where email authentication protocols and specifications come in. Here’s how deliverability expert Nick Schafer describes it:

Email authentication includes the use of:

• SPF or Sender Policy Framework
• DKIM or DomainKeys Identified Mail
• DMARC or Domain-based Message Authentication, Reporting, and Conformance

Receiving mail servers look for these authentication factors before deciding whether to deliver, block, or quarantine your emails. While failing authentication doesn’t guarantee anything, it certainly increases the likelihood your message won’t be delivered to the inbox.

Emails often fail authentication and get blocked or quarantined when they come from an impersonator. But legitimate messages could also suffer email deliverability issues if authentication protocols are missing or if records are improperly configured.

Understanding email authentication

Email authentication is one of the more technical areas of deliverability. It involves the use of DNS TXT records, which need to be set up on your sending domain servers, and specific information that’s included in the email header. When a receiving mail server processes a new message, it takes header information and uses the DNS TXT records to verify the authenticity of the sender.

Enforcing email authentication supports email deliverability because it gives mailbox providers a strong signal that your messages are safe and legit.

Sender Policy Framework (SPF)

No, this isn’t sunblock. An SPF record is a list of domains and IP addresses that are approved to send mail on your behalf. When receiving mail servers try to authenticate a message, they match up the sending domain or IP with the list published on your DNS.

SPF is sort of like a bouncer at a VIP event. If you’re on the list you get into the inbox, if you’re not… you probably don’t.

A domain can only have one SPF record. However, it’s totally possible to have more than 10 approved IPs. Using an “include” parameter in the SPF record allows senders to add long lists of IP addresses. One well-known drawback of SPF authentication is that it breaks when an email is forwarded. That’s because the email is now being sent from a new IP, which is not listed on the SPF record.

Learn more about SPF >>>

DomainKeys Identified Mail (DKIM)

DKIM authentication involves encrypted keys that help verify a sender’s identity. At this VIP event, instead of being on the list, you need to give the bouncer (aka mailbox provider) the secret password to get inside the inbox party

When you set up DKIM, there is a public key that’s published in the DNS record and a private/encrypted key that’s sent with the email. That private key is also known as a “digital signature,” which should be unique to the sender.

The receiving mail server pairs up the encrypted key with the public key to authenticate the message. If the keys don’t match up, email deliverability issues are more likely.

Learn more about DKIM >>>

Domain-based Message Authentication, Reporting and Conformance (DMARC)

The email industry introduced DMARC to help stop spoofing by combining the powers of DKIM and SPF while creating a policy that informs mailbox providers what to do with messages that fail authentication.

Another benefit of DMARC is that it provides regular reporting on your email traffic. This lets you see who is sending email on your behalf, makes it easier to catch spoofing, and helps identify potential email deliverability issues.

When a sender implements DMARC, receiving mail servers will check for both SPF and DKIM alignment. Then it checks the DMARC DNS record to find the policy for handling authentication failures.

There are three possible DMARC policies:

1. p=reject: This means authentication failures should be blocked
2. p=quarantine: This means authentication failures should go to spam
3. p=none: This means messages that fail authentication could still land in the inbox

A p=none policy leaves email deliverability up to the mailbox providers. But, trust us, they’d rather have your help deciding what to do with emails that fail authentication. That’s why they created DMARC in the first place.

The problem is that too many senders set up relaxed DMARC policies, which lets them get reports but not much else. The only way to effectively use DMARC to thwart email spoofing is to enforce a policy set to p=reject or p=quarantine.

Learn more about DMARC >>>

Brand Indicators for Message Identification (BIMI)

BIMI is like a fun bonus for senders who are kicking butt at email authentication. If you’re doing it right, you qualify for displaying a branded logo in the inbox. (And what brand doesn’t want their logo in more places?)

In order to be “BIMI-ready,” you must set up DMARC with DKIM and SPF. Most importantly, your DMARC policy must be set to p=reject or p=quarantine. If you’re using p=none, you don’t qualify for a BIMI logo.

BIMI doesn’t directly impact email deliverability. However, there’s research suggesting a branded inbox experience increases subscriber engagement, which is definitely good for supporting deliverability. Plus, if you have a BIMI logo, it’s a strong sign that you have a good sender reputation.

Find out more about BIMI >>>

Email deliverability and sender reputation

While individual email messages receive spam scores, sender reputation involves rating the trustworthiness (or spamminess) of different domains and IP addresses. It’s a lot like a credit score for email marketers. Sender reputation (or email reputation) is a major consideration in email deliverability.

Email reputation is measured by evaluating the behaviors of either a particular sending domain or a specific IP address. So, what’s the difference?

Domain reputation vs. IP reputation

Domain reputation is connected to the domain used to send email from your organization. This may be your main domain (example.com), or certain subdomains (mail.example.com, marketing.example.com, etc.).

Using subdomains for different emailing purposes can help protect your domain reputation. This way, if marketing promotions are sent from a separate subdomain, and people start complaining about spam, it won’t impact email deliverability for the domain used to send transactional messages.

Domain reputation is connected to brand reputation. If you’re a well-known, reputable brand, mailbox providers assume recipients want and expect your messages. So, they’re more likely to get delivered.

IP reputation measures the trustworthiness of unique IP addresses where email originates. It relies on factors such as bounce rates, spam complaints, message content, and other factors traced back to the sending IP. You can always start fresh with a new IP, but you’ll also need to warm up that IP address and build a better email reputation from scratch.

The problem is that some senders use shared IP addresses while others have a dedicated IP address for sending email. On a shared IP, you also share the reputation of other senders.

Dedicated IPs are normally only used by high-volume senders (more than 100,000 emails per month). If you’re using a traditional ESP, it’s likely that you are on a shared IP. That’s why Mailgun deliverability expert Nick Schafer thinks most mailbox providers lean more towards measuring domain reputation.

However, Nick adds that IP reputation is still a factor you should consider. That’s because he knows email clients like Micrsoft Outlook still use IPs for email reputation scoring, which means it could be quite important for B2B email deliverability.

Here’s how Google Postmaster Tools defines different IP and domain reputations:

• Bad: A history of sending a high volume of spam. Mail coming from this entity will almost always be rejected at connection time or marked as spam.
• Low: Known to send a considerable volume of spam regularly, and mail from this sender will likely be marked as spam.
• Medium/Fair: Known to send good mail, but has occasionally sent a low volume of spam. Most of the email from this entity will have a fair deliverability rate, except when there’s a notable increase in spam levels.
• High: Has a good track record of a very low spam rate, and complies with Gmail’s sender guidelines. Mail will rarely be marked by the spam filter.

So, maintaining a strong email reputation seems fairly simple. Don’t do spammy things, right? Still, it is important to monitor and maintain a good sender reputation to maximize email deliverability.

With Mailgun Optimize, you can integrate Postmaster Tools as well as Micrsoft SNDS, which helps you monitor your sender reputation with Outlook.

How to check your email reputation

Different mailbox providers have unique ways of scoring a sender’s reputation. There are some services that help you check sender reputation by providing an overall rating. But you can also use tools provided by the mailbox providers themselves.

For example, Google Postmaster Tools can help you check your reputation with Gmail. Microsoft SNDS is helpful for monitoring deliverability to Outlook addresses. The MXToolbox SuperTool is super useful because it checks for a variety of factors that impact sender reputation.

Talos from Cisco has a domain and IP reputation checker that shows whether you’re trusted or not. There’s also the BarracudaCentral, which lets you look up your reputation with the Barracuda spam filter and blocklist.

If you discover you need to improve your sender reputation, Mailgun Optimize can provide dedicated email deliverability specialists who can guide and consult you along the way. When you opt for Deliverability Services, our dedicated Technical Account Managers can help you create a custom strategy along with proactive reputation monitoring.

10 best practices to support optimal email deliverability

Maybe you’ve noticed a bit of a theme running through this guide…

But just exactly what are the right things to do in support of deliverability? Here’s our top 10 list of email deliverability best practices:

1. Warming up your IP and domain

When an organization starts using a brand new, dedicated IP address for sending email, that IP has no history with mailbox providers. So, it needs to start building up a sender reputation. This is kind of like not having a credit score until you get a credit card or take out a loan.

If you’re a high-volume sender using a new IP or sending domain, it may look suspicious if a ton of emails suddenly start coming from those sources. The domain and dedicated IP warm-up process helps with this. Failing to warm up a new IP is likely to hurt deliverability as ISPs block or quarantine the messages that they’re unsure about.

NOTE: This is less of a problem with shared IPs since they already have an email reputation with mailbox providers.

The warm-up process involves starting to send out emails slowly and gradually increasing the volume and frequency. This gives the mailbox providers and ISPs a chance to review the content of your messages and see how recipients respond. If they open and engage, you’re good. If they ignore, delete, or mark emails as spam, you’re not so good.

Imagine you’re trying to get a “date” with a mailbox provider. The IP warmup process is sort of like making a good first impression, taking it slowly, and meeting their friends before you make your move.

You can follow a manual warmup process, or your ESP may offer an automated IP warmup service for customers using a dedicated IP.

2. Following anti-spam and data privacy laws

Breaking the law is probably the easiest way to ruin your email reputation (not to mention the potential fines). Data privacy continues to be a major issue for consumers and businesses around the world. Anyone with an email list is handling personally identifiable information (PII) because email addresses are PII.

To maintain a strong sender reputation and support email deliverability, make sure you follow these laws:

CAN-SPAM

CAN-SPAM stands for “Controlling the Assault of Non-Solicited Pornography and Marketing.” The United States’ anti-spam law has been around since 2003. It was one of the first of its kind, and it’s not without its critics or controversy. Namely, a lot of privacy advocates and others in the email industry felt it didn’t go far enough.

However, it does establish some specific rules for sending commercial emails. The U.S. Federal Trade Commission (FTC) lists these main CAN-SPAM requirements:

1. Don’t use false or misleading email header information.
2. Don’t use deceptive subject lines.
3. Identify messages as an advertisement.
4. Tell recipients where you are located.
5. Tell recipients how to opt out of receiving your emails.
6. Honor opt-out requests promptly (within 10 business days)
7. Monitor what others are doing on your behalf (third-party solution providers)

Find out more about CAN-SPAM compliance for email marketers.

CASL

The Canadian Anti-Spam Law (CASL) is considered to be a bit tougher on spam than the U.S. version. (So, I guess Canadian politeness doesn’t apply to spammers).

One thing that separates CASL from CAN-SPAM is that Canada’s law requires both an opt-in process and a way to opt-out. The U.S. law only requires a way to unsubscribe, which some feel gives senders a license to spam. CASL also applies to a wider variety of electronic messaging, whereas CAN-SPAM applies to email and some text messages.

Find out more about CASL compliance for email marketers.

GDPR

The European Union’s General Data Protection Regulation (GDPR) was the data privacy legislation that rocked the world when it became law in 2018. It’s still shaking things up, and it’s become the standard for new consumer privacy legislation.

While complying with GDPR is serious business, it shouldn’t be a huge concern for senders who are already following best practices and acting responsibly.

These are the seven key principles of GDPR:

1. Lawfulness, fairness, and transparency: Have a lawful/appropriate reason for collecting, storing, and processing personal data. This principle includes obtaining consent as well as outlining how and why data is used in a readily available company privacy policy.
2. Purpose limitation: Establish limits on how personal data is used and communicate those limits in the privacy policy.
3. Data minimization: Collect the smallest amount of personal data required. Don’t acquire or store sensitive data you don’t need.
4. Accuracy: Take steps to make sure personal data is correct, complete, and up to date.
5. Storage limitation: Be prepared to justify the length of time personal data is stored and anonymize data you don’t actively use.
6. Integrity and confidentiality: Have security measures in place to protect sensitive data and personal information from bad actors.
7. Accountability: Have a system of records in place that proves you are following GDPR.

An important aspect of GDPR is the ability for consumers to ask for all the data collected about them and to have it deleted upon request. These are known as data subject access requests (DSARs). And that’s one reason why meticulous digital record-keeping is crucial when complying with the EU’s privacy law.

GDPR should be followed even if you aren’t doing business in Europe. Even If you’re a small business, it’s tough to tell whether someone on your list is in the EU or not.

Find out more about GDPR compliance for email marketers

CCPA

The California Consumer Privacy Act (CCPA) is a state law that came about not long after GDPR, and it follows many similar principles and rules.

While CCPA only applies to consumers residing in California, it has become a sort of de-facto law of the land in the U.S. That’s because (as of this writing) there’s still no federal law that’s considered a GDPR-equivalent.

The differences between CCPA and GDPR are in the details. For example, while GDPR protects “data subjects” CCPA protects “consumers.” In that case, the GDPR law is a bit broader.

The CCPA also protects household and device-specific data, and it includes a provision requiring the ability to opt-out of having personal data sold to third parties, which GDPR does not. On the other hand, GDPR is stricter about getting parental consent for processing data of those under the age of 16 (or 13 in some regions).

Find out more about CCPA compliance for email marketers.

And more to come…

Following the launch of CCPA, other states followed suit, drafting their own privacy laws. However, a comprehensive federal U.S. privacy law could be on the way. That could make things a lot simpler and more consistent.

The largely bi-partisan American Data Privacy and Protection Act (ADPPA) is working its way through congress, but it could take a while to become law.

Outside of the EU, plenty of other countries have their own data privacy laws, which you should follow if you do business and send email in those nations. However, in most cases, being GDPR compliant keeps you covered for other laws. (Please consult your own legal experts for official advice.)

Senders may also need to consider things such as PCI compliance for credit card processing or HIPAA for healthcare data privacy in email.

The connection between email deliverability and compliance with privacy laws should be clear. Senders who respect those laws and guidelines are putting their subscribers first, and that tends to mean you are following many email deliverability best practices.

3. Setting up email authentication

Email authentication protocols aren’t part of any laws, but they would be if mailbox providers ran the world. We’ve already discussed the importance of email authentication to deliverability. At a minimum, you should set up SPF and DKIM authentication.

While ESPs can often help with setting up email authentication protocols, you’ll need to be sure your DNS records are correct. That includes adding your ESP to your SPF record.

Where you can really make a difference is with DMARC, including an enforcement policy set to p=reject or p=quarantine. That will go a long way towards protecting your reputation as a sender.

If DMARC sounds too technical for you and your team, there are vendors out there who specialize in helping you implement everything. They include:

• Red Sift
• Dmarcian
• Agari
• PowerDMARC

4. Increasing email engagement

It almost sounds too simple, but it’s 100% true: sending awesome email campaigns will support better email deliverability.

When mailbox providers see that recipients are opening and engaging with your messages, they’ll know people want to receive what you’re sending. That means Gmail, Apple Mail, Outlook, and the rest of the gang are more likely to make sure your emails land in the inbox where people will find them.

So, create email campaigns that people love. When you strategize, write, design, and develop emails, ask yourself what your subscribers want and how you can surprise and delight them. Make it so that everyone on your list anticipates your next email.

Check out our free, on-demand webinar on improving email engagement to get some great ideas.

5. Verifying email contacts and cleaning your list

Of course, there will always be some party poopers on your list. So, clean that crap up!

You should take the time to conduct some email list hygiene at least twice a year. That means removing inactive subscribers and invalid/outdated contacts. That will help keep your email engagement metrics looking good.

Maintain a cleaner list throughout the year by verifying email addresses when people sign up or fill out a form on your site. Check out some email list cleaning best practices to learn more. Mailgun Optimize’s email verification features are an excellent tool to help you scrub your list and keep it clean. Check out Mailgun Validate for a dedicated email verification solution, including a validation API you can integrate into your site, online forms, and applications.

6. Using a double opt-in

The best way to make sure new subscribers are valid and actually want to hear from your brand is to implement a double opt-in process. In essence, this involves double-checking that a new contact truly wanted to subscribe.

Here’s how a double opt-in process works:

1. A new contact fills out a form or subscribes to your email list.
2. You let them know to check their inbox to confirm the subscription.
3. You send them a follow-up email asking them to click and confirm.
4. If the contact clicks to confirm, you add them to your list.
5. If the contact does not confirm, they haven’t officially opted in yet (so you don’t add them).

Now, you’re probably thinking, “If I do that, I’m not going to grow my list nearly as fast because there are going to be a bunch of people who miss or ignore that confirmation email, man!”

That’s probably true. But if the contact doesn’t open and engage with your confirmation email, how likely are they to open and engage with future campaigns? It’s more likely that they’ll just become dead weight that you’ll need to remove from your list down the road.

Don’t forget… good email engagement supports better email deliverability.

When implementing a double opt-in process, make sure the entire flow is compelling and convincing. Confirmation emails should have strong subject lines and you can A/B test those emails to optimize them for conversions.

Use the fear of missing out (FOMO) to move new contacts along in the double opt-in process: “You don’t want to miss what will be sharing with you in coming months.” Or consider offering an incentive such as a discount code on the Thank You page after people opt in.

7. Never purchasing an email list

Just don’t do it. It’s a bad idea. It won’t work… at least not for long. And it could get you in some serious trouble (spam traps, blocklists, privacy violation fines, etc.).

Sure, your list gets a lot bigger when you pay for it. But those contacts didn’t want to hear from you. That means they’re not interested, they’re not going to convert, and they’re going to mark your emails as spam (which they should).

If you need some lessons in how to do things the right way, check out our article on the timeless lessons in Seth Godin’s book, “Permission Marketing.”

Bottom line: purchasing lists will be bad for email deliverability. And in most cases, your email service provider (ESP) will prevent you from using a purchased list anyway.

8. Avoiding spammy behavior

They say that if it looks like a duck, waddles like a duck, and quacks like a duck… it’s not a goose or a chicken. (Hint: It’s probably a duck). The same thing goes for email spam and spammers.

An excellent email deliverability best practice is to ask yourself, “What would a spammer do?” Then, do not do those things.

While occasionally using ALL CAPs or exclamation points probably won’t get you sent to the spam folder, you shouldn’t overdo it either. (It’s also just kind of obnoxious, anyways.) HubSpot has a list of hundreds of industry-specific words and phrases you may want to avoid.

Spammers often use image-only emails, have poor grammar and spelling, use lots of symbols, and use deceptive text in hyperlinks. Remember that a spam score is being applied to every campaign you send. So, don’t act like a spammer and your emails won’t look like spam. It’s that simple.

9. Monitoring email deliverability metrics

We all love benchmarks, but the most important email deliverability benchmark is where you are now. Then, unless you’re perfect, set a goal for improving deliverability metrics.

Look at bounce rates, delivery rates, and inbox placement for individual campaigns as well as your entire email program. How do transactional emails compare to marketing emails and newsletters? Are certain segments of your list more engaged than others?

Keep an eye out for changes in email analytics that may indicate deliverability problems. And make sure engagement is something you consider as you measure email deliverability.

Deliverability Monitoring from Mailgun Optimize helps you stay ahead of those problems before they negatively impact your email program. It includes a dashboard of deliverability metrics along with ongoing monitoring for blocklists and spam traps.

10. Conducting a deliverability audit

If you really want to dig deep into email deliverability, there’s no better way to explore it than with a full-blown audit. This can and should be part of a big-picture email marketing audit. However, you could also choose to focus solely on deliverability.

Our pals at Sinch Mailgun have an in-depth guide to conducting an email deliverability audit. It includes tasks such as evaluating email infrastructure, verifying email authentication, conducting list hygiene, and assessing your sender reputation.

You can decide how technical and complex your email deliverability audit should be. Most importantly, you’ll need benchmarks from the previous year (or quarter) so you can measure improvements and catch potential problems.

After you complete your audit, create a list of action items so that you have a clear plan for improving and maintaining email deliverability moving forward. Some of those items, like list cleaning, can be addressed immediately. Others, like improving your sender reputation, will take more time and dedication.

How Mailgun Optimize can help

Mailgun Optimize is a complete email deliverability suite including tools and insights to help email marketers get the most out of every campaign and help every sender make sure important messages land in customer inboxes.

Mailgun Optimize is built on reliable infrastructure from Sinch Mailgun, but you can use any ESP and still take advantage of all the tool’s features and benefits.

Mailgun Optimize offers you the ability to proactively monitor, manage, and optimize your program and your strategy. With Mailgun Optimize, you can:

• Quickly clean up your email list to reduce bounce rates.
• Ensure that every new email address you add to your mailing list is valid.
• Seed test your emails to ensure they’ll land in the inbox and not the spam folder.
• See exactly where they’ll land in Gmail and other mailboxes with tabs.
• Preview campaigns across the most popular devices and email clients.
• Monitor IP blocklists so you can take action immediately.
• Identify and avoid spam traps in your email lists.
• And a lot more – we’re bringing you more great features soon!

Get started with Mailgun Optimize today and grab control of your brand’s email deliverability. Contact us to set up a custom demo. Learn more about how Mailgun Optimize works and how it can help.

The post Mailgun Optimize’s Complete Guide to Email Deliverability Best Practices appeared first on Email on Acid.

Despite your best intentions, your amazing email marketing campaigns are often filtered into spam. That’s a bummer. Your emails are not junk. So why do they land in the junk folder?

The truth is, it may have nothing to do with individual campaigns or so-called spam trigger words. It may have more to do with a failure to follow email deliverability best practices.

When our colleagues at Sinch Mailgun surveyed senders around the world for “The state of email deliverability 2023”, results revealed that many email marketers seem unsure about answering basic questions on the topic.

And others? Well, let’s just say they may be doing things they shouldn’t. We’re here to help you avoid getting labeled as an email spammer.

What defines an email spammer anyway?

The definition of spam is unwanted email that people never signed up to receive in the first place. However, it can still get delivered to their inboxes anyway.

Sometimes, mailbox providers will accept spam emails because they think the message might be legitimate. Recipients may choose to mark those emails as spam, or they may just ignore them. Other times, a valid email is filtered to spam because it seems suspicious, or the sender’s reputation is damaged.

To put it as plainly as possible, an email spammer is someone who sends messages to people without obtaining consent to do so.

Not all spam is created equal. Some email spammers are actually dangerous scammers. They’re trying to steal the recipient’s identity, deliver malicious links and software, or bilk people out of money.

There are also email spammers who aren’t looking to commit crimes, they just want to build their list or make a few more sales. The very first of this type of email spammer was Gary Thuerk, who made email history in the 1970s with an unsolicited message to ARPANET employees that made his employer millions. But a lot has changed since then, and you don’t want to do what Gary did these days.

While unsolicited emails are in violation of the European Union’s General Data Protection Regulation (GDPR), email marketing without consent isn’t illegal in the U.S. CAN-SPAM only requires a way to opt-out.

But just because it’s not illegal doesn’t mean it’s not spam. If mailbox providers are filtering your emails into the junk folder, there’s a good chance you had it coming.

You might be an email spammer if…

We thought about asking Jeff Foxworthy to write some hilarious one-liners for this part of the article, but this is no joke, my friends.

It’s quite possible your company has done some spammy things in the past that are hurting your email deliverability. Or maybe you had no idea that certain tactics turn you into an email spammer.

Breathe easy. First, let’s figure it out. Then, let’s look at how to remedy the situation. Here are seven signs you might be sending spam emails.

1. You’re paying to build your email list

It’s hard to believe, but no matter how many warnings we put out there, people are still purchasing email lists.

The Sinch Mailgun report on deliverability found that 12.5% of senders admitted their organizations had purchased email addresses and just over 10% were unsure about it.

Here’s the thing… Purchasing an email list does not make you a spammer but sending to those addresses definitely does. These people never agreed to be added to your list, so you are emailing them without consent. Under privacy laws like GDPR, this could also be illegal.

The other big problem is that purchased email lists can contain spam traps. These are either fake or very old email addresses that mailbox providers and blocklist services use to identify spammers.

Sending messages to people who have not opted in to get emails from you makes you a spammer. Of course, a spam trap cannot opt-in because it’s not an actual subscriber. So, if you send mail to a spam trap, that’s a sure sign you really are an email spammer.

2. You’re scraping the web to collect email addresses

Mailbox providers and blocklist services also place spam traps on pages around the web. That way, if spammers try to harvest contacts with web scraping software and send to them without obtaining consent, they get caught.

Sinch Mailgun’s survey found that 9.9% of senders have used this tactic and another 9.9% were unsure about it. That means around 1 in 10 senders are using a very shady tactic to grow their email list.

This might seem like a smart way to build a list of relevant prospects for B2B email marketing: Go to websites and social media sites to find the right people from the right business so you can target them. But without consent… it could get you in trouble. Before long, more and more of your emails will be filtered into junk.

3. You’re sending cold emails

A cold email is sent to someone who’s never heard from you before. Many times, B2B sales representatives will send cold emails to prospects to make introductions, get meetings, or set up product demos.

If it’s a more personal, one-to-one email outreach, this is no big deal. But if you are using automation and sending cold emails in bulk, that’s a problem. That makes you an email spammer.

What’s more? If you are sending cold emails from the same domain or IP address as marketing and transactional emails, all those messages are more likely to end up in spam too.

The spam complaint rate for cold sales emails tends to be very high. If all your emails are coming from the same place, those spam complaints will drag down your reputation as well as the deliverability for all your transactional and email marketing messages. Now that’s cold.

4. You’re pre-ticking consent boxes on web forms

Before GDPR, it was very common to pre-check boxes on website forms, which gave permission for brands to send newsletters and marketing communications. Don’t do that anymore.

The idea was that lots of people wouldn’t notice the little checkbox (which is true) and you could start emailing them without worrying about it (which is not true). For someone to truly opt-in to your mailing list, they need to take an action that shows explicit consent.

A pre-ticked opt-in box is now considered a spammy tactic. Those new contacts may have no idea why they’re suddenly getting so many emails from you. So, they mark your messages as spam. If this happens often enough, emails to people who actually want to hear from you may start being filtered into spam as well.

5. You’re making it too hard to unsubscribe

The other side of this coin involves tricky tactics that make unsubscribing darn near impossible.

Hopefully, you know that it’s important to include an unsubscribe link in every email you send. And, hopefully, you’re not making that link hard to find.

There are plenty of senders who place the unsubscribe link in the email footer with tiny, barely readable text. That’s bad enough. What’s really tricky is when senders use invisible text to hide the unsubscribe link. For example, this may be done by making the link text color the same as the HTML email background.

But when someone who wants to get off your list can’t find that link, they get frustrated. Frustrated people mark emails as spam instead. And when you get lots of spam complaints, mailbox providers start thinking maybe you really are an email spammer.

A better option is to optimize your unsubscribe page to retain some of those contacts or set up an email preference center so subscribers can manage when and how they hear from you.

6. You lack email authentication

Email authentication protocols help mailbox providers identify legitimate senders so they can protect their users from phishing attempts and brand spoofing. When authentication fails, or is non-existent, an email message is much more likely to be filtered into spam.

Likewise, an email spammer is much more likely to send a message that lacks or fails proper authentication. These protocols are DNS text records that your email service provider (ESP) may handle for you, or the IT department sets up on your email servers.

Yes, it’s pretty technical. But email marketers should have a basic understanding of how authentication works and how it’s being handled. Mailgun’s survey on email deliverability found many senders are unsure whether they’re even using protocols like Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication Reporting and Conformance (DMARC).

Survey results on email authentication implementation

Ideally, you should use all three of these specifications while enforcing a strong DMARC policy of quarantine or reject for messages that fail DKIM and SPF authentication. When you’ve got all of this in place, your brand can use the BIMI specification to get a verified logo that is displayed at the inbox level for participating mailbox providers.

7. Your email engagement really stinks

Not only can your actions as a sender affect email deliverability, but the actions of your subscribers can impact inbox placement too. Or in this case, the lack of action from subscriber is the email deliverability concern.

When mailbox providers score your sender reputation, they pay close attention to email engagement. The reason is pretty simple…

If recipients are opening, reading, and clicking on your email campaigns, that’s a very clear sign they like and want what you’re delivering. If they ignore your emails or delete them right away, that’s a sign you’re not exactly wanted or welcome in their inbox.

At first, mailbox providers like Gmail and Outlook may filter messages for recipients who aren’t engaging with your emails. That’s already a problem for your sender reputation. If the lack of engagement becomes a consistent pattern among your list, it could become an even bigger deliverability issue.

When Sinch Mailgun asked senders what they believe is the most important thing they can do to improve their sender reputation, Increasing engagement came out on top.

Mailgun’s deliverability experts totally agree with this. But they add that it’s not about being a click-baity email marketer. It’s all connected. So, take a holistic approach to improving sender reputation.

“All of these efforts can improve sender reputation. Personally, my focus would be on engagement, which ties heavily into list building practices. Make sure the recipients’ addresses you’ve collected have agreed in a clear way to receive your emails from the start. Then, ensure they stay engaged with your emails over time.”

Alexandre Zibrick Compliance and Deliverability Engineer, Sinch Mailgun

What to do if you’ve been acting spammy

If you’ve been behaving like an email spammer (even just a little), it’s not too late to turn things around. Here’s some advice on where to start and how to get on the path to better inbox placement rates.

Clean up your contacts

If you’ve been using questionable list-building tactics, you’d be wise to give it a good scrubbing. Email list hygiene should be a regular practice that involves validating email addresses on your list. That’s a good way to identify fake and outdated addresses, including spam traps.

Sinch Mailgun’s research found that many senders are conducting list hygiene monthly. However, a combined 38.7% admit they rarely or never do.

Review infrastructure and authentication

If you’re having serious email deliverability problems, it may be time to look at some of the technical factors. Do you need to strengthen the way your emails are authenticated? If you’re not yet using it yet, DMARC can help protect your domain reputation.

You could also consider a new sending IP or switching from a shared IP to a dedicated IP. That’s what 27.8% of senders did after being blocklisted. Another 23.1% chose a new ESP, perhaps because they were sharing an IP with bad senders.

Finally, look at separating mail streams on different IPs or subdomains so you can have more control over your reputation.

Get serious about obtaining consent

A healthy email list contains verified contact data from subscribers who are likely to engage. The best way to do that is to verify emails at signup. However, you can also implement a double opt-in strategy to make sure new subscribers really will be engaged.

With a double opt-in, new subscribers click a link in a confirmation email to acknowledge their intent and consent to join your list.

The state of email deliverability 2023 report found that more than 52% of senders surveyed were not using a double opt-in. Yet, experts recommend every sender should implement this process to support both deliverability and privacy compliance.

Segment based on email engagement

A similar strategy to the double opt-in is known as confirmed opt-in light (COIL). With this process, new subscribers are segmented into a separate list until it’s clear they are going to engage with your emails.

Segmenting subscribers based on their levels of engagement is another good way to protect your sender reputation. One way to do this is with what’s known as a sunset policy, which only 22.5% of survey respondents say they are using.

With a sunset policy, you set benchmarks to identify unengaged subscribers. Take, for example, someone who hasn’t opened an email in more than two months. You then segment those subscribers and either send to them less frequently, try to re-engage them, or stop sending and remove them from your list.

Optimize emails for better engagement

Finally, if you want to boost email engagement, send more engaging emails. We know. “Thanks, Captain Obvious.” Right?

Here are some articles with ideas to help you out:

• Write creative calls to action (CTAs) to get more clicks.
• Try adding interactive email elements to your campaigns.
• Make sure you take advantage of preheader text to boost open rates.
• Consider pursuing a BIMI logo to increase opens engagement.
• Try send-time optimization to get emails delivered with perfect timing.
• A/B test email campaigns to optimize for higher engagement.

Standing out in the inbox is a challenge, but you can do it.

How to find out if you’re landing in spam

Maybe you’ve read through all this and realized you don’t really know where your email campaigns are landing. Sometimes, email marketers hear from colleagues or peers in the industry that a message was filtered into spam.

But it’s unlikely your ESP is telling you much about inbox placement. The delivery rate metric includes all messages that are accepted by a receiving mail server. That includes messages that are delivered to the spam folder.

The best way to find out where your emails are likely to land is with inbox placement testing. This is a process that involves using a seed list with seed mailboxes. You can deliver emails to these mailboxes, see what happens, and adjust to improve deliverability if needed.

Sinch Mailgun offers a service that provides detailed inbox placement reports that also verify your email authentication is working as expected.

How pre-send email testing can help

There’s another thing that can have a negative effect on email engagement – campaigns that don’t display or function as expected.  You see, email clients use different rendering engines, which can mess with your code and mess up your email.

Subscribers are less likely to engage with emails that look broken. They may even find them suspicious and mark those emails as spam. Sinch Email on Acid is a leading pre-send testing platform that shows you previews from more than 100 clients and devices. It’s like getting a sneak peek into all the different inboxes where your emails will land.

But our email readiness platform does way more than that. Use it for email quality assurance (QA), testing everything from email accessibility to inbox display to catching spelling errors, It’s the best way to optimize every email campaign before you hit send.

The post 7 Signs You Might be an Email Spammer (And What to Do About It) appeared first on Email on Acid.

The best way to prevent this from happening to your subscribers? Set up rigorous email authentication protocols: SPF, BIMI, DMARC, and DKIM.

Of these four email authentication standards, only one comes with a super-secret, encrypted digital key. That’s DomainKeys Identified Mail, or DKIM for short. A DKIM signature helps mailbox providers verify you as the sender while preventing phishing attacks known as email spoofing.

Imagine signing an important letter with invisible ink, which makes it clear the message came from you and no one else. That’s essentially what DKIM does. Of course, it’s not quite that simple. Here’s how DKIM works, and what you need to know to implement it for your email marketing program:

What is a DKIM signature?

DKIM, or DomainKeys Identified Mail, is an email authentication protocol that creates a digital signature that mailbox providers use to verify the identity of an email sender. A mailbox provider connects the DKIM signature, found in an email’s header, with records published on the domain name server (DNS) of a sender’s domain. This provides an encrypted key to help mailbox providers detect forged sender addresses. All major mailbox providers look for DKIM signatures when authenticating emails, including Google, Apple Mail, and Outlook.

Created in 2004, DKIM combined two methods designed to prevent email forgery: Yahoo’s “DomainKeys” and Cisco’s “Identified Internet Mail.” The DomainKeys portion was designed to verify the DNS domain of an email sender. Identified Internet Mail is the digital signature portion of the specification.

DKIM adds another layer of protection to the standard practice of SMTP, or Simple Mail Transfer Protocol. While SMTP is frequently used, it doesn’t include a way to verify a sender before delivering an email. That made it possible for spammers and scammers to fill inboxes with junk and attempt to spoof trustworthy brands.

What does DKIM do and how does it work? 

Essentially, when you set up a DKIM, you’re telling internet service providers (ISPs) that your ESP is sending mail from an authorized system and that it is not spam or spoofing. Like other email authentication methods, DKIM lets senders associate a specific domain with their email messages. Records published on the DNS vouch for an email’s authenticity. 

However, DKIM has a unique way of doing this with an encrypted digital signature:

• A public DKIM key gets published on the DNS txt record.
• A private DKIM key is included inside a hash (string of characters) that’s generated on the sender’s side.

That hash then gets encrypted with the private key and placed in the email header. Private DKIM keys are unique to the sender and match the public key in the DKIM TXT record on the DNS.

When the two DKIM keys match, mailbox providers can verify the identity of the sender and the message goes through to the inbox. If the key pair does not match, or if there is no DKIM signature detected by the email provider, it’s more likely that the email will be rejected or filtered into the spam folder. 

DKIM itself does not filter emails. However, it helps the receiving mail servers decide how to best filter incoming messages. A successful DKIM verification often means a reduced spam score for a message.

That’s why setting up DKIM authentication is so important for email deliverability — without this and other authentication protocols that confirm your email security, providers like Gmail won’t deliver emails that appear to come from a brand like Microsoft, PayPal, or Bank of America, because scammers regularly use these kinds of brands for email spoofing.

A DKIM signature vs. SPF authentication

What’s the difference between a DKIM signature and SPF authentication? These two protocols are simply two different ways to authenticate senders and prevent email spoofing, but a strong email security program uses both.

• A DKIM signature uses keys to authenticate a sender, matching the private key in the individual email with the known public key from that sender in the DNS record
• An SPF record, or sender policy framework, contains an official list of domains and servers authorized to send email on behalf of a particular domain, including your email service provider (ESP) and the domain owner. That could include yourname@example.com, but also hello@example.com, customersupport@example.com, and so on. If a domain that’s not in your SPF tries to send email from your brand, mailbox providers may reject it or send it to the junk folder.

Both SPF and DKIM have strengths and weaknesses. For example, a downside of SPF is that it breaks during email forwarding, but the DKIM signature does not. A DKIM signature can be faked, however, which is why it’s best practice to change or rotate your keys on a consistent basis – at least once or twice per year.

Adding DMARC to the mix

Once you have DKIM and SPF in place, a DMARC policy tells mailbox providers what to do with emails that fail authentication. This policy, also known as Domain-based Message Authentication, Reporting, and Conformance, checks for DKIM and SPF alignment, creating a common framework for mailbox providers to use in the DNS record. For example, if an email fails one or the other (there are various reasons this might occur), DMARC makes it more clear for a mailbox provider to know what to

For many people, missing an important, legitimate email is even worse than letting spam get through to their inbox. Real emails can sometimes fail DKIM and SPF authentication for various reasons. So, mailbox providers may let emails through if they don’t pass the test but appear to come from a legit sending domain. DMARC makes it more clear what to do.

What does a DKIM record look like?

Implementing a DKIM signature requires making changes to the code in your email header and adding a txt record to your domain name system (DNS) server. Here’s a closer look at those two pieces:

The DKIM record

In order to take advantage of DKIM to protect your brand from spoofing and protect your subscribers from scammers, you’ll need to create a DKIM record and place it on your DNS txt record and publish it on the domain name server. This may involve getting some help from the IT department and/or your email service provider (ESP). ​​Here’s an example of a DNS record: 

                            

                                dk1024-2012._domainkey.example.com TXT "v=DKIM1; t=y; k=rsa;
p=MIGfMA0GCSqGSiuTHjQWercnvEr54A2CA;"
                            
                        

Here’s a breakdown of the sample DNS TXT record for a DKIM signature:

• v= The version of the protocol used

• t= This optional tag indicates the sending domain is testing DKIM

• k= The key type, which is usually rsa

• p= The public key, which pairs with the encrypted DKIM signature

The only required tag in the DNS record is the public key (p=). The DKIM record also includes the sending domain and the DKIM selector, the latter of which is a name or number the sender uses to tell receiving mail servers where to find the private key. The DKIM signature header gets added to email messages and includes the information receiving mail servers need to verify the authenticity of a message.

How to read a DKIM header

Then, you need to create the DKIM header, which is the code inserted into the header of every single email you send, and which is what contains the public key. 

These two pieces together make up the DKIM signature.

Let’s put it all together. Here’s an example DKIM signature (recorded as an RFC2822 header field) for the signed message:

                            

                                DKIM-Signature a=rsa-sha1; q=dns;

d=example.com;

i=user@eng.example.com;

s=jun2005.eng; c=relaxed/simple;

t=1117574938; x=1118006938;

h=from:to:subject:date;

b=dzdVyOfAKCdLXdJOc9G2q8LoXSlEniSb

av+yuU4zGeeruD00lszZVoG4ZHRNiYzR

                            
                        

Tags in a DKIM signature header

• b = the actual digital signature of the contents (headers and body) of the mail message
• bh = the body hash
• d = the signing domain
• s = the selector
• v = the version
• a = the signing algorithm
• c = the canonicalization algorithm(s) for header and body
• q = the default query method
• l = the length of the canonicalized part of the body that has been signed
• t = the signature timestamp
• x = the expire time
• h = the list of signed header fields, repeated for fields that occur multiple times

NOTE: Tags above that are emphasized are required. DKIM signatures that are missing these tags will produce an error during verification.

We can see from this DKIM header that:

1. The digital signature is dzdVyOfAKCdLXdJOc9G2q8LoXSlEniSbav+yuU4zGeeruD00lszZVoG4ZHRNiYzR.
   This signature is matched with the one stored at the sender’s domain.
   
2. The body hash is not listed.
   
3. The signing domain is example.com.
   This is the domain that sent (and signed) the message.
   
4. The selector is jun2005.eng.
   
5. The version is not listed.
   
6. The signing algorithm is rsa-sha1.
   This is the algorithm used to generate the signature.
   
7. The canonicalization algorithm(s) for header and body are relaxed/simple.
   
8. The default query method is DNS.
   This is the method used to look up the key on the signing domain.
   
9. The length of the canonicalized part of the body that has been signed is not listed.
   The signing domain can generate a key based on the entire body or only some portion of it. That portion would be listed here.
   
10. The signature timestamp is 1117574938.
    This is when it was signed.
    
11. The expire time is 1118006938.
    Because an already signed email can be reused to “fake” the signature, signatures are set to expire.
    
12. The list of signed header fields includes from:to:subject:date.
    This is the list of fields that have been “signed” to verify that they have not been modified.

One important consideration for DKIM authentication is the need to periodically change or rotate your DKIM keys. Just like updating a password for account login, DKIM key rotation helps keep the authentication protocol secure. In some cases, DKIM information is accidentally exposed, which could cause security concerns.

How do you set up and check DKIM?

DKIM setup is one of the most technical aspects of email deliverability and can require help from your web host providers, email service providers, or your IT department to configure it correctly. However, there’s good news — it’s much easier to verify your DKIM keys than it is to set them up in the first place. And trust us, doing this work goes a long way toward helping your email deliverability.

The particulars of your DKIM setup vary based on your hosting provider, so be sure to contact them for specifics. Take a look at these common provider documents for more details:

• AWS DKIM 
• GoDaddy DKIM setup 
• Bluehost DKIM 
• HostGator DKIM 
• Google Workspace  

How to verify a DKIM signature

DNS records and DKIM signatures can get complicated. If you want to be sure your email authentication protocols are set up correctly, there are online tools that can help verify that.

Here are a few tools to try for DKIM verification:

• DKIM record Checker – DMARC Analyzer 
• DomainKeys Identified Mail (DKIM) Record Lookup – MxToolBox 
• DKIM Record Checker – DKIM tools – EasyDMARC 
• DKIM Inspector – Dmarcian 
• Free DKIM Record Checker – DMARCLY 
• DKIM Record Lookup – DNS Checker 
• DKIM Record Check – DMARC Analyzer – Mimecast 

You can also test DKIM by sending an email to a Gmail account. Open the email in the Gmail web app, click on the down arrow next to the “reply” button (top right of email), and select “show original.” In the original, if you see “signed-by: your domain name” then your DKIM signature is good.

Does DKIM improve deliverability? 

Like most things in email, the answer is “it depends.”

Yes, adding DKIM authentication (and SPF, for that matter) improves your overall sender reputation and can make it much more likely for providers to send your email to the inbox. But the case for using DKIM is more about what happens if you fail to use it. Without it, you’re much more likely to get flagged as spam — and of course, it’s a lot easier for scammers to spoof your emails, which negatively impacts not just your deliverability but your brand trust, too.

Take control of email deliverability 

Strong authentication is the foundation of great email deliverability. Making sure you have your authentication protocols in place is essential — but it’s not a fail-safe. Deliverability is a notoriously fickle aspect of email marketing that requires constant upkeep. That’s why Sinch offers Mailgun Optimize, a suite of deliverability tools and services that help take the complexity out of email deliverability. That means more of your awesome emails will make it to the inboxes of people you want to reach.

The post What is DKIM for Email Authentication and How Does it Work? appeared first on Email on Acid.

While blocklist providers like Spamhaus sound scary, they’re the good guys (as long as you stay on their good side that is). In this article, you get to peek behind the curtain and learn all about Spamhaus blocklists. 

What is Spamhaus?

The Spamhaus Project is an international anti-spam non-profit organization. It is primarily a collection of different blocklists designed to track spam and related cybersecurity threats like phishing, malware, and botnets. Spamhaus provides real-time actionable intelligence to cybersecurity firms, corporations, and the internet’s major networks. They even assist law enforcement agencies like the FBI in cybercrime investigations.

To put it simply, Spamhaus provides tools for identifying, filtering, and blocking spam as well as malicious email messages.

It’s important to note that Spamhaus isn’t exactly the entity blocking senders’ emails. Spamhaus provides IP and domain reputation data that its users apply when deciding how to filter or whether to block a sender’s messages.

When they detect a potential spammer, Spamhaus first works to identify the suspicious sender’s digital identification information. Then, they place that sender on a blocklist, which inhibits their ability to continue sending emails that actually reach the intended recipients. 

Spamhaus has been around since 1998. That was the same year that Google entered the scene. So, you know this is a blocklist that has seen a lot over the years and knows how to stop the bad stuff from getting to inboxes. Want to see a list of the biggest spammers on the planet? Check out the ROKSO (Register of Known Spam Operations). It has details on the 100 organizations responsible for 80% of the world’s spam.

Spamhaus.org is an open-source project, and low-volume, non-commercial users can apply its blocklists for free (See the DNSBL Terms of Use for more information). Email senders can also find tools on the site to check if they’re listed on any of the blocklists. Spamhaus.com is a related entity that sells enterprise cybersecurity solutions, including email protection.

Still curious? Find out more about what Spamhaus does in the company’s own words.

Spamhaus blocklists

There’s more than one Spamhaus blocklist. Though you really don’t want to end up on any of them, some pose greater restrictions on email delivery than others.

As previously mentioned, Spamhaus doesn’t block emails. Its users take the IP and domain reputation data to create their own policy on how to filter email. Check out the Spamhaus flowchart below to see how a DNSBL blocklist works.

Here’s a brief look at the primary Spamhaus blocklists:

1. Spamhaus Block List (SBL)
2. Composite Snowshoe Block List (CSS)
3. Domain Block List (DBL)
4. Exploits Block List (XBL)
5. Policy Blocklist (PBL)

1. SBL – Spamhaus Block List

The Spamhaus Block List (SBL) catalogs IP addresses that have been identified as sending spam, participating in snowshoe spamming, or using bulletproof hosting. How does Spamhaus identify these IP addresses?

One way is from spam complaints. If too many of the messages you send out are marked as spam emails by your recipients, Spamhaus and other similar organizations start to take notice. If it keeps happening, they’ll put your IP address on a blocklist like the SBL. 

Once that happens, it will impair your ability to deliver emails, even to people who haven’t marked you as spam. 

(Note: Getting delisted from the SBL may require working with your email service provider (ESP) or internet service provider (ISP) to make the official removal request.)

Some innocent email senders can get caught on blocklists if their IP addresses are compromised by spammers. This is one symptom suffered by victims of malware. Not all malware seeks to hold your computer hostage until you pay money. Sometimes, bad actors just want to use your computer’s IP to send spam, without your knowledge. Find out more about the SBL from Mailgun.

2. CSS – Composite Snowshoe Block List

The Spamhaus Composite Snowshoe Blocklist is a component of the SBL that is specifically reserved for email spam violators such as snowshoe spammers, risky senders, and compromised hosts. 

What is ‘snowshoe spamming?’ That’s a technique used by real spammers to spread out their email distribution across a wide swath of IP addresses to avoid spam filters. 

You can end up on the CSS in a number of ways, like continuing to send unsolicited emails, even when someone hasn’t opted in or has asked you to stop. Likewise, poor email list hygiene, a poor email reputation, and indications of abusive practices can land you on the CSS blocklist.

This blocklist uses IP addresses, and being listed here will again have a severe impact on your email deliverability. Find out more about the CSS blocklist from Mailgun.

3. DBL – Spamhaus Domain Block List

The main difference between this and the SBL is that the Spamhaus Domain Blocklist DBL lists domains, while the SBL lists IP addresses. Ending up on the DBL is caused by many factors, such as the ones already discussed.

And once again, if your domain ends up on the domain blocklist, it can cause great damage to your email deliverability. If your domain is on the DBL, and that domain appears anywhere in your emails, they may not be delivered. It also might get you added to the CSS blocklist, which we’ll discuss next. 

The good news here is that your domain may automatically be removed if you improve your email reputation. That’s because DBL listings can automatically expire after sender reputation factors change. But this isn’t guaranteed – and may take longer than you’re willing to wait. So, you may need to manually request removal from the DBL. Find out more about the DBL from Mailgun.

4. XBL – Exploits Block List

The XBL is a real-time database of the IP addresses of hijacked computers. These are PCs that have been infected with illegal third-party exploits. That may include open proxies, worms or viruses with built-in spam engines, and other types of trojan-horse exploits.

If you end up listed on the XBL, it’s because there are signs that your IP or devices connected to it are infected with something malicious.

5. PBL – Policy Block List

Of these four Spamhaus blocklists, this is the one that causes you the least amount of trouble, in theory. You still don’t want to be on it, but unlike the others, being on the Spamhaus Policy Blocklist won’t immediately affect your deliverability. 

Some IP addresses haven’t been designated as email senders. These include IPs related to internet broadband and dial-up customers, which can’t send email. Because of the “wonders” of the internet, sometimes your IP can be flagged as one that shouldn’t be sending email, and placed on the PBL.

One way this can happen is if you aren’t using proper SMTP authentication. Find out more about the PBL from Mailgun.

What is Spamhaus Zen?

One way Spamhaus is making all these blocklists a bit easier and more convenient is with Spamhaus Zen. Instead of using separate blocklists, Spamhaus Zen combines its IP-based blocklists into one (SBL, XBL, CSS, and PBL). That creates a comprehensive solution for mailbox providers and administrators.

Fun fact… the name Zen has nothing to do with finding an enlightened inbox (although that would be cool. It’s actually named for a dog. Zen was the name of Spamhaus founder Steve Linford’s German Shepherd.

Spamhaus delisting and blocklist removal

What do you do if you find yourself on a Spamhaus blocklist?

First, take a breath, because you’re not alone. It’s actually quite common to end up on an email blocklist, and it’s often not because of anything you did. About 25% of bulk email senders in one survey found themselves on at least one blocklist over the course of a year. Sometimes it happens because of things you failed to do, like clean up your lists to remove inactive emails. We’ll get to that in a second. Other times, it’s a technical issue, or it could be that you’ve been compromised by cybercriminals.

The good news is, Spamhaus and other blocklist providers have ways to get delisted as soon as possible.

Here are the steps to take:

1. Confirm you’re on a Spamhaus blocklist

If you’re worried that you’ve been added to a blocklist, the first thing to do is to find out for sure.

You can do that using Spamhaus’ free blocklist lookup tool.

Go there and enter either your IP address, domain, or hash, and see what comes up. If you do find you’re on one of the other IP or domain blocklists, it’s best to pause all email sending until you get things figured out and fixed.

2. Find the steps to get removed

If you are on a blocklist, figure out what you need to do to get removed. Most blocklist vendors, including Spamhaus, will show you the steps you must take to delist yourself. For example, here’s what a sender might see if they are listed on the DBL:

When the sender examines the “Show Details” dropdown shown above, there are recommended steps for potentially mitigating the listing. Getting listed on the SBL will require a request from your Internet Service Provider (ISP), or whatever organization owns the IP address from which your email is coming. Before anyone submits a removal request, you’ll want to address any issues and fix any problems that got you there in the first place.

3. Get help if you need it

Every situation is different. You may need to work with your IT department to fix certain issues. Your ESP may be able to help you in other situations.

For example, if you’re on a shared IP, being on a blocklist may not be your fault. It could be the bad behavior of another sender using the same IP to send spam. That’s why ESPs like Mailgun have Acceptable Use Policies, which contain guidelines for using the platform responsibly. The policy helps protect other users on the platform from getting blocklisted.

If you end up on the SBL, Spamhaus requires that the entity that owns the sending IP make the removal request. In some cases, the IP owner will be your ESP. If you’re on a shared IP, or your ESP is providing you with a dedicated IP, then your provider needs to handle the request.

How to avoid getting blocklisted

Rather than working to get removed from blocklists, we’re guessing you’d rather stay off them in the first place. Here are some tips and articles to help you out…

First, make sure there’s a clear and easy way for people to unsubscribe if they no longer want to hear from you, and that you’ve received consent to email contacts in the first place.

One common way email senders end up on a blocklist is through spam traps. The use of these email addresses are an indication to blocklist organizations, like Spamhaus, that the sender isn’t practicing good list hygiene or could be obtaining addresses in less-than-legitimate ways.  

By growing your email list organically and practicing good email list hygiene, you can avoid most of these traps. Still, an email validation service offers the best protection. 

To stay off of blocklists, you’ll also want to set proper email authentication protocols and keep your spam complaints low. Understanding these basics, and understanding what constitutes spam-like activity, will help you stay off of blocklists. 

What Spamhaus wants email marketers to know

The folks at Spamhaus want email marketers to know they’re not out to get you and they don’t want to ruin your day. The blocklist provider has been making an effort lately to be more approachable and friendly to senders. Besides catching and stopping the bad guys, they also want to work with people who use email marketing for legitimate reasons.

Recently, Spamhaus industry liaison, Matt Stith, was a guest on the Mailgun podcast Email’s Not Dead. He told hosts Eric Trinidad and Jonathan Torres that transparency is a big part of the new Spamhaus image. That includes being clear and helpful when Spamhaus detects an issue and a sender ends up on a blocklist due to an honest mistake.

Matt also talks about how senders need to keep evolving and learning as well. Things are always changing in the email industry. That can make the job of stopping spammers and scammers tough. It can also create email deliverability challenges. However, blocklists like Spamhaus serve an important purpose.

By helping to make the inbox a safer, spam-free place, Spamhaus also ensures that email continues to be an effective way for brands to connect and communicate with customers and subscribers. That’s why responsible senders and organizations like Spamhaus should see themselves as being on the same team.

Hear it for yourself…

Check out Season 4 Episode 2 of Email’s Not Dead, with special guest Matt Stith of Spamhaus. Subscribe now on Apple Podcasts or wherever you listen so you’ll never miss one of our exclusive interviews.

LISTEN NOW

Get blocklist monitoring with Mailgun Optimize

Blocklists don’t have to be scary, and email deliverability doesn’t have to be hard. There are tools to help you monitor and improve email delivery while watching for issues that can trip you up. With Mailgun Optimize, you get an email deliverability suite that comes with many of the tools you need.

Using a curated list of blocklists, Deliverability Monitoring checks to see if your campaigns are at risk of being blocked before you hit send. It also monitors for spam traps and provides actionable advice for getting delisted if needed.

Mailgun Optimize Email Validations help you verify email addresses and keep your list clean while preventing lost leads and new subscribers. Plus, Inbox Placement provides a clear picture of where you can expect your emails to land.

Sign up for a free month of Mailgun Optimize to discover how powerful our email deliverability solutions really are.

The post Get to Know the Spamhaus Project: The Biggest Name in Blocklists appeared first on Email on Acid.