All posts by Chris Maeda

Email Authentication Next Steps – DMARC

By | Email Authentication, Product Features | No Comments
Email Authentication

How DMARC Email Authentication Works

DMARC (Domain-based Message Authentication, Reporting & Conformance) can be regarded as the latest advancement in email authentication. However, since it is not as convenient as SPF (Sender Policy Framework) and DKIM (Domain Keys Identified Mail), we believe it is important to understand how DMARC is different, how it works and why should it matter to you.

So, to explain as clearly as possible, DMARC is a process that ensures that all legitimate emails are authenticating properly against established SPF and DKIM standards. It also ensures that any fraudulent activity appears to be coming from domains that are under the control of the organization (defensively registered domains, active sending domains, and non-sending domains) is blocked. Domain Alignment and Reporting are the two values of DMARC.
DMARC’s alignment feature effectively prevents any attempts of spoofing of the ‘header from’ address in the following way

⦁ It matches the ‘header from’ domain with ‘envelope from’ domain name that is used while performing an SPF check.
⦁ It matches the ‘header from’ domain name with the ‘d=domain name’ in DKIM signature.
In order to pass DMARC, the message has to pass SPF alignment and SPF authentication and/or DKIM alignment and DKIM authentication. A message will certainly fail DMARC if it fails any of these.

DMARC also helps senders in instructing email providers on how the authenticated email has to be handled via a DMARC policy, eradicating any grey area for guesswork on how to treat emails that fail the authentication.

Senders can choose to either:
⦁ Quarantine the message(s) that fail DMARC (move it to spam folder),
⦁ Reject the message(s) that fail DMARC (don’t deliver the mail at all), OR
⦁ Monitor each and every mail, understanding the brand’s email authentication system and guarantee that a legitimate email is authenticating adequately enough, without any interference with the delivery of the message(s) that failed DMARC.

Mailbox providers regularly send forensic and DMARC aggregate reports back to the senders, giving them complete visibility of the messages that are getting authenticated and the ones that are not, and why.

So why does DMARC really matter to you? The answer is quite simple – DMARC is the first and the only widely deployed technology that can authenticate the trustworthiness of the ‘header from’ address. This foolproof process protects customers and the brand, as well as discourages all cybercriminals to go after brands that have a DMARC record.

Read this article to find more about Mail Monitor’s email authentication processes.

First Things First – Email Authentication

By | Email Authentication, Product Features | One Comment

So you’ve scheduled a new offer for potential customers and you think you’ll be getting great conversions on these emails. But just when you hit your dashboard to monitor the results, you see a very different picture – you notice that a lot of your emails never got opened, ringing an alarm that maybe your much-anticipated offer has been eaten up by the recipient’s junk folder. You might be having the common email authentication problem that needs serious troubleshooting if you want your email marketing strategies to be a success.

What is Email Authentication?

To understand email authentication and how major services work, you need to know the following methods most commonly used by major mailboxes:

  • Sender Policy Framework (SPF)SPF is an email validation system that identifies email spoofing by checking that the incoming email is from a domain’s authorized host. All authorized hosts for a domain are published in the Domain Name System (DNS) records on behalf of that domain in a specially formatted TXT record. SPF records prevent spammers from using your domain to send content from a forged address. With the increase of spam attacks and hack attempts to encourage recipients to share sensitive information via emails, all major commercial and corporate mailbox providers have layers of SPF checks in place to defend their customers.
  • DomainKeys Identified Mail (DKIM) – Just like SPF, DomainKeys Identified Mail (DKIM) is an authentication method for emails that detect spoofing. The purpose of DKIM is to help recipients check if an email has come from an authorized owner of the user domain and identify any forged sender addresses. DKIM allows an email message to associate with a domain by affixing a digital signature. The verification is done by using the public key of the signer published in the DNS. DKIM also usually helps ensure all attachments in an email are safe to open. While these email authentications can seriously affect your email marketing campaigns, they also mean that if you are prepared, you have a stronger chance of being trusted and noticed by your recipient.

The good news here is that MailMonitor already has SPF and DKIM authentication checks in place for each and every email that our customers send. Having full control on evaluating email authentication helps us inform you of any issues so that you can get to troubleshooting in real time.

 

We Lost Our “App”!

By | General | No Comments

After 5 years we finally decided to secure the MailMonitor.com domain!  The “app” in MailMonitorApp.com has caused confusion more than a few times so we’re happy to simplify and save everyone a few keystrokes.

We figured we might as well build a new site to celebrate.

Voila!  Let us know what you think!

P.S. For the time being our application site and API URLs will still continue to use the mailmonitorapp.com domain name.

Google Releases Postmaster Tools for Gmail

By | Tips and Resources | No Comments

Gmail has now added additional tools for senders.  Sign up is free to anyone at https://gmail.com/postmaster/.  Domains need to be verified when the account is created but Google will display spam rate when they have the data available.

This is a great sign for good acting senders who have traditionally felt Gmail was one of the tougher ISPs to troubleshoot when bulked or blocked due to a lack of data.