Delivery is not dependent on authentication

All too often folks come to me with delivery problems and lead off with all of the things they’ve done to send mail right. They assure me they’re using SPF and DKIM and DMARC and they can’t understand why things are bad. There is this pervasive belief that if you do all the technical things right then you will reach the inbox.

Getting the technical bits right is an important part of demonstrating you’re a legitimate sender but it’s not, on its own, sufficient to reach the inbox. All you need to do is look at some of the mail in your junk folder to see that even companies with full DMARC can sometimes reach the spam folder (the Uber example, again).

To put it another way, spammers regularly get all the technical bits right and implement best practices, often in better ways than actual companies. Their mail still goes to the spam folder because, well, it’s spam. They even do things like pass lists through data hygiene companies and sometimes even pay attention to engagement on some levels.

What really drives delivery, particularly at the consumer mailbox providers, is engagement.

pie chart showing more than 80% of inbox is dependent on reengagement, with 10% attributed to technical practices and 10% attributed to authentication practices.

The big drivers of engagement are having permission to send email and sending mail users want to receive and interact with.

pie chart showing 75% of engagement is about the content you send, with 25% being about what kind of permission you have.

Authentication is there so that the filtering engines know what mail is actually from you. It allows them to be really harsh on spam forging your domain or sent without your authority and still delivering your legitimate mail to the inbox. If your mail is fully authenticated and still going to the bulk folder, then the problem is related to your email. Something you’re doing, whether it’s a permission problem or an engagement problem or whatever, is making the filters think your mail isn’t wanted.

Fixing authentication isn’t going to fix delivery problems caused by authenticated email.

Related Posts

The many meanings of opt-in

An email address was entered into our website

An email address was associated with a purchase on our website.

Read More

July 2017: The month in email

August is here, and as usual, we’re discussing spam, permissions, bots, filters, delivery challenges, and best practices.

One of the things we see over and over again, both with marketers and with companies that send us email, is that permission is rarely binary — companies want a fair amount of wiggle room, or “implied permission” to send. There are plenty of examples of how companies try to dance around clear permissions, such as this opt form from a company we used to do business with. But there are lots of questions here: can you legitimately mail to addresses you haven’t interacted with in 5 years? 10 years? What’s the best way to re-engage, if at all?
We frequently get questions about how to address deliverability challenges, and I wrote up a post about some of the steps we take as we help our clients with this. These are short-term fixes; for long-term success, the most effective strategy is sending email that people want and expect. Engagement is always at the core of a sustainable email program.
We’ve also discussed the rise of B2B spam, and the ways in which marketing technologies contribute to the problem. B2B marketers struggle to use social and email channels appropriately to reach customers and prospects, but still need to be thoughtful about how they do it. I also wrote about some of the ways that marketing automation plugins facilitate spam and how companies should step up to address the problem. Here’s an example of what happens when the automation plugins go awry.
I wrote a few posts about domain management and the implications for security and fraud. The first was about how cousin domain names can set users up for phishing and fraud, and the second was a useful checklist for looking at your company’s domain management. We also looked at abuse across online communities, which is an increasing problem and one we’re very committed to fighting.
I also highlighted a few best practices this month: guidelines for choosing a new ESP and active buttons in the subject line for Gmail.
And finally, we celebrated the 80th birthday of the original SPAM. If you’re a regular reader of this blog, you probably already know why unwanted email is called SPAM, but just in case, here’s a refresher….

Read More

SenderID is dead

A question came up on the email geeks slack channel (Join Here) about SenderID. They recently had a customer ask for SenderID authentication.

Read More