Getting your authentication right is vital. If you don’t, you’re risking many of your emails going to spam, even if you’re doing everything else right.
All three authentication methods described here can only be set up if you have access to your DNS Control Panel, which you normally find in your Web Hosting or your Domain Hosting control panels.
If you need help setting your authentication up, we offer a Done For You Authentication service that will take care of everything for a one-off cost.
Signing Your Emails: Are you using DKIM to digitally sign emails from every platform you use?
It’s very easy to send emails from any address you like, even if you don’t own the domain. Signing your emails using DKIM (Domain Keys Identified Mail) proves that you are a legitimate sender and that the email really came from you.
DKIM has to be set up inside each email platform that you use, so we can’t go into too much detail here. Just search for “Email Authentication” or “DKIM” in the help instructions for each system you use.
Bonus Tip: Don’t just set up DKIM on your email marketing platform; make sure that emails sent from your day-to-day mailbox provider, such as GSuite or Microsoft 365 are also signed using DKIM, as well as any other platform you send email from.
Who You Trust: Are you using SPF to list all the email providers you trust to send your emails?
If you don’t have SPF (Sender Policy Framework) set up correctly, there’s a strong risk your emails could be rejected completely or end up in the spam folder because they don’t recognise your email marketing platform as a trusted sender.
If you’re getting particularly low open rates with Microsoft (Office365, hotmail etc.), this could be why.
Again, make sure that every email platform you use is listed, and only ever have one SPF record set up! Having two SPF records is as bad as not having anything set up at all.
If you need to know how to set up SPF, check out this guide:
and note that you probably won’t need to include any IP addresses; focus on the “include” statements that you’ll need to add, normally one “include” statement for each email platform you send from.
Once you’ve set up your SPF record, check it by going to https://dmarcian.com/spf-survey
When Authentication Fails: Are you using DMARC to protect from spoofed emails?
DMARC (Domain-based Message Authentication, Reporting & Conformance) specifies what mailbox providers should do when they receive an email from you that hasn’t passed any other form of authentication.
Be careful – get DMARC wrong and all your emails might end up going to spam. But set it up correctly and it’ll reinforce that you’re a legitimate sender and make sure that other people can’t send emails from you.
If you need help setting up your DMARC record, use the wizard at https://dmarcian.com/dmarcrecord-wizard/ and, as a minimum, accept all the defaults you’re offered and leave the “Aggregate Reports” option empty.
Once you’ve set up your DMARC record, check it by going to https://dmarcian.com/dmarcinspector/
Did You Already Download My Checklist?
Finally, if you’ve not already downloaded your copy, make sure you check out The RACE Method Checklist, my simple guide that covers the tips I’ve included here and shares all the other important steps you should take to Avoid the Spam Folder and Double Your Open Rates.