Email deliverability is a term referring to the likelihood that an email message will make it through to an inbox rather than being caught in a spam filter.

Spam filters take a heuristic approach to determining which mails are good for the user to see and which should be junked, and therefore many factors enter into determining which messages pass muster. One type of email that spam filters seek to catch is phishing email, which impersonates the identity of a trusted individual or brand in order to trick its victim into taking some ill advised action.

Email senders have evolved a broad set of techniques believed to decrease the chance of messages being caught in spam filters. One of these techniques is authenticating their email.

Introducing Email Authentication

One component of deliverability that is not fully addressed by most senders is the role of email authentication in improving delivery rates. Email authentication is where incoming emails are checked to ensure they originated from the domain name owner or a service approved to send on the owner’s behalf.

Phishing messages commonly spoof the domain name of the impersonated party in the From field. That means email authentication helps weed out phishing email by shining a light on those messages claiming false origins.

Major ISPs have unequivocally stated that email authentication will lead to a higher delivery rate. In fact, Gmail has recently begun to penalize non-authenticating email in various ways including marking an email as suspicious, removing graphics, and lowering deliverability rates. Microsoft has announced it plans to follow suit with its email software and services. Therefore, spam filters are more likely to allow authenticated messages through to an inbox than unauthenticated ones.

Domain owners can choose to monitor and control who sends mail messages through an email authentication standard called DMARC (Domain-based Message Authentication, Reporting & Conformity). DMARC specifies how domain name owners can use DNS entries to instruct receiving mailboxes on which servers are authorized to send email using that domain names.

The domain owner also can define how email receivers are to treat incoming messages that fail authentication, with the choices being:

  • Allow them to continue to mailboxes
  • Drop them into junk boxes
  • Don’t deliver them at all

DMARC is honored by all major email service providers (ESPs), accounting for 2.7 billion mailboxes worldwide.

Dealing with DMARC

Unfortunately DMARC is a complex and error-prone protocol to implement. And as your business evolves, your DMARC records need to stay current or critical email may not get to its destination.

ValiMail addresses this problem through Email Authentication as a Service™. The ValMail cloud service automatically configures and monitors DMARC records for your domains, along with the SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) records it builds on.

The intuitive ValiMail console gives you visibility on the volume and nature of mail sent using your domain names, including phishing email, and lets you manage and update your approved senders, cryptographic keys, and other settings with point-and-click ease. It provides correctly configured, error-free, current email authentication for as many domain names as you like, protecting your employees and your customers from impersonation attacks.