In last month’s feature, I discussed what you need to know about email deliverability, including the importance of Internet Protocol (IP) addresses, domains, and your email reputation. This month, I delve a little deeper into the deliverability issue by talking about email authentication – specifically Sender Policy Framework (SPF), Sender ID, and DomainKeys Identified Mail (DKIM). These email authentication standards are key to ensuring your emails get delivered to subscribers’ inboxes and, ultimately, driving higher conversion rates.
Why Is Email Authentication So Important?
If an email says it’s from a certain organization, how can you be sure it’s actually from that organization? That’s basically what email authentication is all about – verifying that the domain used in the from address is under the control of the sender. By employing email authentication protocols, ISPs help to protect email users from phishing scams and spammers. When an ISP can’t authenticate a sender, the sender may face extra scrutiny that could lead to filtering. In this way, email authentication is an important tool for marketers because it directly impacts email deliverability.
Email Authentication Methods That Can Help Your Marketing Messages Reach Subscribers’ Inboxes
The following are the primary authentication methods used today:
- Sender Policy Framework (SPF)
This authentication method verifies the envelope of the email, specifically the HELO identity (the mail server that is sending the message) and the MAIL FROM identity (the email address that is responsible for sending the message). So when your organization sends an email, your recipient’s mail server will evaluate your sending IP address in the public Domain Name System (DNS) to be sure it is allowed to send the email on behalf of the sender. AOL, Gmail, and many others are known to use SPF when checking authentication.
For more information about SPF – including SPF record syntax details and a test suite for SPF implementation – visit the Sender Policy Framework Project Overview website.
- Sender ID
Similar to SPF, Sender ID verifies the email sender’s IP address against the alleged owner of the sending domain. The difference is that Sender ID uses an algorithm, called Purported Responsible Address (PRA), to examine the message content of email by specifically focusing on the from address your recipients see. Sender ID was developed by Microsoft and other industry partners and has been adopted by more than 10 million domains worldwide. MSN Hotmail is known to use Sender ID when checking authentication.
For more information about the technical aspects of Sender ID – including steps to implement authentication checks on email servers and within applications – visit Microsoft’s Sender ID website.
- DomainKeys Identified Mail (DKIM)
With DKIM, two corresponding “keys” are created – one that is public, stored in the DNS as text, as well as a private key that is accessible just to the email server. So every time an email campaign is sent, a private key is included in the email message headers. When ISPs receive the email message in their servers, they can verify the public and private headers. This information is used to verify not only the sender, but also that the email message was not changed in transit. Yahoo, AOL and Gmail are known to use DKIM when checking authentication. In addition, Hotmail also uses DKIM, but typically only when Sender ID fails.
For the DKIM authentication method, DomainKeys technology is combined with Identified Internet Mail (IIM). DomainKeys verifies the domain of the email sender by encrypting the email header and replacing it with a hash value. The receiving site also encrypts the email and compares the hash values to be sure they match. Using public key cryptography, email senders add a domain name and signature to their messages. The signature is verified at the receiving end by using the DNS.
For more information about implementing DKIM, visit DKIM.org.
Make Email Authentication Part of Your Email-Marketing Best Practices
To get the best email deliverability rates, you should be implementing every email authentication standard available. Keep in mind that not all ISPs use the same email authentication tools.
If you’re looking for ways to improve your email deliverability – including evaluating and implementing email authentication standards – the experts at FulcrumTech can help. Email or give us a call at 215-489-9336 and get started today.