Most companies sending email truly underestimate how much deliverability can impact their organization. A beautiful, well-constructed, and highly effective email can wind up in the junk folder of someone who subscribed and wished to convert with your company. That’s a terrible situation to be in.
Even worse, you may not even realize that your emails are being routed to junk unless you’re using an inbox monitoring tool. They do this through providing a seed list and then monitoring those inboxes, then reporting to you whether or not your email made it to each major Internet Service Provider.
Your email reputation and inbox placement can be impacted by any number of issues, but most of it comes down to five issues:
- Configuration – are your domain and email server configured so that ISPs can authenticate that the emails are truly coming from your company?
- List – are your email addresses updated, valid, and opted into your email? If not, the chances of being reported as SPAM are significantly higher
- Reputation – is the sending IP known for sending SPAM via junk reports? Has it been blacklisted before?
- Volume – are you sending a large volume of emails? Bulk email sends absolutely trigger stricter monitoring of senders.
- Content – do you have red flags with terminology you’re utilizing in your email? Are you sending bulk emails with bad URLs, domains that have been flagged for malware, or are you lacking an unsubscribe link in your emails?
Marketing Cloud’s Sender Authentication Package
If you’re sending more than 250,000 emails per month and a Salesforce Marketing Cloud client, you should absolutely invest in their Sender Authentication package, which is a robust configuration to ensure you maximize the deliverability of those messages to the inbox. The Sender Authentication Package offers the following:
- Private Domain – This product enables you do configure a domain used to send email. This domain acts as the From address for your email sends. Salesforce Marketing Cloud authenticates your email sends using the Sender Policy Framework (SPF), Sender ID, and DomainKeys/DKIM authentication.
- Dedicated IP Address – This product assigns a unique IP address to your account so that your reputation is entirely yours. All email messages sent from your account via Marketing Cloud use this IP address. This IP address represents most of your sending reputation.
- Reply Mail Management – This product controls the replies you receive from your subscribers. You can assign filters for out-of-office messages and manual unsubscribe requests.
Additionally, the package comes with Account Branding, where Marketing Cloud brands your account with your chosen authenticated domain. This product modifies link and image wrapping and removes all references to Marketing Cloud in favor of your authenticated domain.
Sender Authentication Package Video Overview
ARVE Error: src mismatch
src in: https://www.youtube-nocookie.com/embed/-FeWMuaIw58?feature=oembed&wmode=opaque
src gen: https://www.youtube-nocookie.com/embed/-FeWMuaIw58Actual comparison
src in: https://www.youtube-nocookie.com/embed/-FeWMuaIw58?wmode=opaque
src gen: https://www.youtube-nocookie.com/embed/-FeWMuaIw58
Configure Your Private Domain
Your private domain enables ISPs to authenticate as well as effectively communicate issues with your subscriber through feedback loops. Within the Sender Authentication Package, you’ll have to set up your DNS to enable quite a few subdomains for sending and response, as well as authentication keys. With subdomain delegation, also called zone delegation, you’re only transferring part of your existing domain to Marketing Cloud as part of your authenticated domain configuration. Marketing Cloud only uses the specified subdomain for appropriate activities.
|@||sample.domain.com||MX||Allows email sends using Marketing Cloud servers|
|bounce||bounce.sample.domain.com||MX||Tracks email sends and bounces|
|reply||reply.sample.example.com||MX||Allows Reply Mail Management to handle filters and forwards replies to specific addresses|
|leave||leave.sample.domain.com||MX||Allows subscribers to unsubscribe|
|image||image.sample.domain.com||CNAME||Points to Marketing Cloud image servers|
|view||view.sample.domain.com||CNAME||Points to Marketing Cloud View As a Web Page servers|
|click||click.sample.domain.com||CNAME||Points to Marketing Cloud Click URL for tracking click-throughs|
|pages||pages.sample.domain.com||CNAME||Points to Marketing Cloud microsite and landing page servers.|
|cloud||cloud.sample.domain.com||CNAME||Points to Marketing Cloud’s cloud page servers.|
|mta||mta.sample.domain.com||A||Points to your dedicated IP Address|
|TXT||Authenticates DKIM and DK Selector|
|@||sample.domain.com||TXT||SPF1 – SPF status authorizes bounce host in mfrom identity|
|bounce||bounce.sample.domain.com||TXT||SPF1 for bounce host|
|reply||reply.sample.domain.com||TXT||SPF1 for reply host|
You’ll absolutely want to get a wildcard SSL certificate for your domain for Marketing Cloud to utilize as well. Accounts configured with SAP that do not use an SSL certificate show a secure Marketing Cloud domain on the properties of images in Content Builder. When you add the image to an email, the URL in the editor shows your custom domain setup with SAP. The copy link on the image properties page copies the custom domain for use in emails, landing pages, and browser.
IP Address Warming
Once the Sender Authentication Package is fully configured, the sending IP addresses must be warmed up. This is because the ISPs have no reputation associated with your IP address. If you just start sending everything through the new configuration, there’s a high risk of getting blocked. Most connections from new IP addresses are attempts to deliver unsolicited spam or other unwanted mail, so ISPs are suspicious of a new IP address sending mail.
The largest ISPs and webmail providers recommend that you build up a sending reputation on any new IP address by slowly and methodically sending in small volumes, then gradually increasing your volume of desirable mail to their users. This sending reputation is referred to as the warming or ramping up of your new IP address.
The goal is to build up approximately 30 days of desirable sending history and data so that ISPs have an idea of the mail coming from your new IP address. The ramp-up period can take longer than 30 days for some senders and a shorter time for others. Factors such as your overall list size, list quality, and subscriber engagement can influence the amount of time it takes for your IP address to be fully ramped up. Highbridge has launched IP Warm, a service that automates and optimizes your campaign lists and schedules to minimize any risks associated with migrating to a new IP Address.
Marketing Cloud recommends that you focus on sending to your most active and engaged subscribers during this critical period since it can be the initial basis for the ISPs to determine your sender IP addresses sending reputation. Ramp up involves sending a limited number of messages per IP per day, so it may be necessary to further adjust your current sending practices as part of the process.
If you have questions or need assistance in implementing inbox monitoring or need help in configuring your Sender Authentication Package, we can work with your Salesforce representative and get you fully configured, warmed up, and sending mails!