Enhancing Email Deliverability for B2B senders’ outbound transactional and marketing emails was a core track at last week’s InboxExpo. This post covers several key takeaways to help you improve your B2B email deliverability.
In case you missed it, to further reduce spam and domain spoofing specifically, Google and Yahoo (affectionately called “Yahoogle”) have sharply upped the ante for email senders by requiring us to send “authenticated” email in most cases, which means deploying DMARC. Microsoft is also tagging along, as is Apple. Proofpoint has a good summary of the requirements.
Separate Your Transactional Email from Marketing Email
Email marketers have a lingo all their own! Companies that send marketing emails are called “Brands” and just regular day-to-day email where we send out hand-crafted emails to customers, suppliers, vendors etc., as well as things like invoices, order confirmations, etc. is called “Transactional” email. Marketing emails at InboxExpo were typically referred to as just “email”.
It has always been a best practice to segregate transactional email from marketing email. The use of subdomains has been popular in the past; e.g. have humans use <name@mycompany.com> for those personal “transactional” emails, and use like <no-reply@offers.mycompany.com> for sending to your marketing lists.
I found a number of marketers however who indicated Google are now internally ranking domains, and subdomains’ activity can “taint” the reputation of the top-level domain used for transactional emails. Consequently, it is being recommended to shift your marketing emails to a different TLD entirely. IOW, have staff, employees and your accounting system continue to use “mycompany.com”, but have your marketing emails come from like “mycompany.info”.
Put differently, the days where salespeople could (and were expected to) send emails to dozens/hundred/thousands of contacts in their address books is over. If you allow your salespeople to do this, you will find your domain’s reputation quickly tainted, and more regular (“transactional”) emails likely marked as spam. If you self-host, your email server’s IP address reputation will also suffer. Just because your domain or IP address is not on a public blocklist does NOT mean that the majors are not adding you to their own internal IP and domain blocklists!
BIMI and DMARC
BIMI is controversial, with some seeing it as a marketing scheme to enrich the SSL certificate providers (Note: three more BIMI certificate providers are in the pipeline for approval, so we should see some price competition hopefully soon.) But according to Matthew Vernhout, Principal Email Advisor with Email Industries and Communications Chair at BIMIGroup.org, BIMI’s key goal is actually to promote adoption of DMARC. At Mission Critical Email, we’ve required our Zimbra Hosting customers to have SPF, DKIM and DMARC records now for several years, believing that DMARC and authenticating email is critical to preserving our and our customers’ brand identity and to prevent domain spoofing. You can deploy BIMI without one of those super-expensive SSL certificates, but I was told that recipients’ systems that support BIMI, even with an SSL certificate, will only display the logo when the sending email address is a non-human, marketing-related email address. IOW, emails from like “newsletter@mycompnay.com” would have the BIMI logo displayed, but emails from “steve.smith@mycompany.com” would not. This I am told is to avoid conflict with users’ increasing use of personal avatars — and provides yet another reason to put your marketing emails on a separate TLD from your transactional emails.
DMARC Implementation: p=quarantine or p=reject?
Because Microsoft is Microsoft, I was told that it is best to have p=quarantine in one’s DMARC record, even though if we have our ducks in a row, p=reject would seem like the better way to go. Apparently, the reason for this is that Microsoft does some “beautification” of emails with different encodings, which breaks DKIM verification is some 20% of cases where such beautification happens. I was skeptical when I first heard this, but then I did a Google search and found lots of instances where Microsoft does indeed alter messages in a way that breaks DKIM. Better to have your legitimate email marked by Microsoft as Junk rather than to have it discarded outright, so at least until we hear that this has been rectified, we are recommending p=quarantine in one’s DMARC record.
“Physician: Heal Thyself!”
Everyone at the conference strongly supported Yahoogle’s email authentication initiatives to cut down on domain spoofing by requiring senders to use DMARC, but there was also a strong undertone of resentment that the outbound sides of Google, Yahoo and Microsoft account for the majority of spam volumes from which we all need to protect ourselves. It was hoped that the outbound side of these service providers would be a bit more strict in holding their own customers to the same standards as they require of others endeavoring to send email to their customers.
One-Click Unsubscribe
June 1 is the date when Google’s one-click unsubscribe requirement goes into effect for bulk senders. There was concern at InboxExpo that Google would apply this requirement aggressively, even to smaller senders. It’s why we recommend using only specialized email sending services (MailChimp and similar) for marketing emails, and, as stated above, that such emails emanate from an entirely different domain than your regular corporate (“transactional”) emails. You don’t want your transactional emails blocked just because you send marketing emails from the same domain!
Summary Conclusions
InboxExpo was very helpful in affirming many of our prior conclusions and current best practices around email deliverability. Every marketer I met who asked me about DMARC gave me a huge thumbs up when I told them that we have been requiring our hosting customers to implement SPF, DKIM and DMARC; they indicated our customers should be enjoying enhanced deliverability and higher domain reputations that will only help their brands’ attractiveness. Learning more about Microsoft’s “breaking” DKIM and using p=quarantine instead of p=reject was very helpful, and while BIMI may not be for everybody, it was good to hear that driving DMARC adoption is a key goal for all.
Looking forward to next year’s show! And in the interim, if you’d like help with your Zimbra email deliverability challenges, please reach out using this form:
Hope that helps,
L. Mark Stone
Mission Critical Email LLC
20 May 2024
The information provided in this blog is intended for informational and educational purposes only. The views expressed herein are those of Mr. Stone personally. The contents of this site are not intended as advice for any purpose and are subject to change without notice. Mission Critical Email makes no warranties of any kind regarding the accuracy or completeness of any information on this site, and we make no representations regarding whether such information is up-to-date or applicable to any particular situation. All copyrights are reserved by Mr. Stone. Any portion of the material on this site may be used for personal or educational purposes provided appropriate attribution is given to Mr. Stone and this blog.