The MVP of Email Deliverability
In team sports, every player has a specific job to do. But they all have the same goal – win the game! Email deliverability and authentication methods are similar – Sender Policy Framework (SPF) has one specific job. DomainKeys Identified Mail (DKIM) has another. Then, in 2012 a new “player” arrives on the scene – Domain-based Message Authentication, Reporting and Conformance (DMARC). While 90% of top brands are targeted by malicious email, 92% of Fortune 500 companies don’t use DMARC.1 SoftVu believes DMARC should be a top priority for every brand. DMARC takes elements of SPF and DKIM, adding more sophisticated features than those two combined creating the MVP – Most Versatile and Productive “player” of email deliverability.
WHAT IS DMARC and HOW DOES IT WORK
A DMARC policy allows a sender to indicate that their messages are protected by SPF and/or DKIM. It also tells a receiver what to do if neither of those authentication methods are in place – allowing it to head to the junk or spam folder, or simply be rejected. DMARC removes the guesswork from the receiving ISP’s handling of these failed messages, limiting or eliminating the user’s exposure to potentially fraudulent and harmful messages. DMARC also provides a way for the email receiver to report back to the sender about messages that pass and/or fail DMARC evaluation.2
“With SPF and DKIM your messages are properly authenticated and virtually tamperproof,” says Nick Peeples, VP of Engineering at SoftVu. “With DMARC you can control what inbound ISPs do with unapproved messages. Who wouldn’t want that?”
BENEFITS OF DMARC
While SoftVu currently does not require DMARC, we highly recommend our clients begin implementing a DMARC record. We believe that the major email providers like Gmail and Yahoo will begin to put more weight on DMARC set-up when it comes to inbox placement.
To test other consumer brands, we signed up for Target, Beauty Brands, Nike, and countless other retailers who utilize email marketing. You bet, they all had DMARC set up. Since our client base primarily consists of financial institutions, it is our professional recommendation that all of our clients set up DMARC in order to protect their domain reputation.
DMARC does more than just protect your domain. It also protects your potential customers and existing customer base as well. Without DMARC, consumers who work with you are left vulnerable to phishing and spoofing attacks.3
Nick explains it this way. “We all know bad ‘actors,’ who pretend to be your brand, can negatively impact your overall reputation. What many companies don’t think about is the damage those bad guys can do to their clients. DMARC proactively protects your brand’s reputation and your clients from imposters.”
WHY PUBLISH A DMARC RECORD?
Publishing a DMARC record prevents an imposter from sending mail from your domain. That protects your brand. Just publishing a DMARC record may result in a positive boost to your reputation. Nothing wrong with that! And, consuming DMARC reports increases visibility and transparency into your email program because it lets you know who is sending mail from your domain – something we’re sure you would want to know.
TOP 3 REASONS TO DMARC
HOW TO SET IT UP
Building your DMARC starts with those two key players mentioned earlier. You’ve got to have SPF and DKIM in place first. Now you’re ready to proceed.
WHAT ARE DMARC TAGS?
Here’s the real dirt on DMARC. It’s all about the tags. The tags are the language of the DMARC standard. The tags tell the email receiver what to do once it checks for DMARC. And there are various DMARC tags but Nick recommends you keep it simple.
“Our take is that you stay focused on the v=, p=, fo=, rua, and ruf tags. With those five tags you’ll have your bases covered. You can use a DMARC generator or SoftVu can help.” Nick also recommends you set your mail receiver policy to “none” which indicates the DMARC “monitor” mode.
|p||Policy for organizational domain|
|fo||Reporting of SPF related failures|
|rua||Reporting URI of aggregate reports|
|ruf||Reporting URI of forensic reports|
The monitor mode is critical to gathering information on your email ecosystem. It’s the best way to snag any culprits sending email on behalf of your brand. Plus, it tells you which emails are getting delivered and which ones are getting kicked out, important information to track, according to Nick.
“At the very least, having your DMARC record in monitor mode will give you the information to start tracking down any of those bad actors that are attempting to impersonate your brand or damage your reputation.”
The only thing better than having the MVP – Most Versatile and Productive “player” on your team is having the MVT – Most Versatile and Productive TEAM. Why not set your team up for a win with a DMARC home run? Let’s get those emails delivered where you want them to go!
Give SoftVu a call at (877) 611-0104 or send us an email at firstname.lastname@example.org with your questions. We are ready to help you with your DMARC needs.
1 Email Fraud and DMARC Adoption Trends, Second Half 2017, Agari Threat Center Report
2 Why is DMARC important? https://dmarc.org/wiki/FAQ#Why_is_DMARC_important.3F
3Internet giants form DMARC to battle email spam, phishing attacks www.digitaljournal.com