Following best practices in email authentication improves deliverability and protects your brand.

'It's best practice. But of course, there's always going to be unique situations where what's available to, you might not be available to another.'

Takeaway:

• Adhering to best practices ensures better email deliverability.
• Protects your brand from spoofing and phishing attacks.
• Stay informed about industry standards and adapt as needed.

Not all Email Service Providers (ESPs) fully support DMARC alignment by default, which can impact compliance.

'For example, if an it professional is not used to mail gun system, they won't know where to go which panel to be, what settings to change, how to generate the record for domain verification. Do I need to set up a sub domain? Do I need not to, does this support direct alignment? There's so many questions that it simply won't know without documentation without a guide without being able to see the application itself.'

Takeaway:

• Understand that not all ESPs support DMARC alignment out of the box.
• Work with your ESP to configure settings for DMARC compliance.
• Ensure your team is knowledgeable about the ESP's DMARC capabilities and configuration.

Many believe that setting up DMARC is a one-time task, but regular review and updates are necessary.

'You can have that set up a long time ago, years ago and really never have looked at it again. So you just make the changes when you need to just managing an SPF record is I think a good example you add, you know, way back when you know your SPF record was V equal SPF 1 a.m. X dash all done.'

Takeaway:

• Regularly review and update your DMARC, SPF, and DKIM records.
• Email infrastructure and practices evolve; keep your authentication mechanisms up to date.
• Periodic audits ensure ongoing compliance and security.

Collecting and analyzing DMARC data is crucial to understand and secure your email ecosystem.

'Well, the great thing with D Mark and Google and Yahoo for that matter is that they report, they are reporting every email they get. If you have a, an XML processor, you know, once you have your D mark record in there in your DNS, you start collecting data depending on your system. For example, the Martians, you can filter based on the reporter. So who's sending us the report, who you're sending mail to effectively, you can filter based on Google and you'll know how many emails you've sent to Google for a week and every day.'

Takeaway:

• DMARC reports provide valuable insights into your email sending practices.
• Use the data to identify all email sources and detect unauthorized use.
• Leverage tools to process and analyze DMARC reports effectively.

Segmenting email streams using subdomains can improve deliverability and simplify DMARC implementation.

'We always recommend and that falls within best practice. We're talking about a segmentation strategy and segmenting your email stream is very important for a variety of reasons. Security is one of them as well. But that's not always what a business decides to do because we spoke actually many years ago now that especially when we addressed uh BMI, that symbols are important. There's power in symbols in a company's logo, a company's name is a symbol and we've got so used to the internet that certain domain names are immediately very powerful upon seeing them.'

Takeaway:

• Use subdomains to separate different email streams (e.g., marketing, transactional).
• Improves security by isolating issues to specific subdomains.
• Helps in managing DMARC policies for different types of emails.

Relying solely on SPF records is not sufficient for DMARC compliance and may not prevent email spoofing.

'The majority by default, the majority of service providers will not be sending, using a return path. That is your domain because they do bounce management. Now, we're getting to the weeds here, but that's the bounce management. And the primary reason why SPF won't be aligned by default and it won't, alignment doesn't change magically, just by adding IP S to SPF record, it's a configuration change that needs to occur within the service that you're using.'

Takeaway:

• Adding IPs to your SPF record is not enough for DMARC compliance.
• Service providers may not align SPF by default due to bounce management.
• Configure your services to align SPF or use DKIM for DMARC compliance.

Implementing DMARC in large organizations can be complex due to multiple email sources and shadow IT.

'Their challenge is mostly shadow it. And by that, I mean, in business units within their organizations that, you know, they have a need for their business unit to perform their function. So they go out purchase a system, subscribe to their service either because the primary purpose is to send mail or something else like a benefits provider that just happens to send reports every month. And then it just does that spoofing your domain in a legitimate way, but it still does it. Now they have to worry about D mark. They don't want to cause a problem to those mail flows.'

Takeaway:

• Identify all email sources within your organization, including third-party services.
• Collaborate across departments to ensure all email streams are DMARC compliant.
• Use DMARC reports to discover unknown email sources and prevent potential issues.

Delaying DMARC implementation can lead to significant deliverability issues as email providers enforce stricter policies.

'Now that we have two of the biggest players in the space saying this is gonna happen. And this kind of makes me think of 2014 when the Yahoo said, hey yahoo.com and aol.com is now, uh people's rejecting everybody complaining about mailing list. Well, what's gonna happen with mailing list, you know, during that back, they didn't, they didn't turn it back. So mailing lists had to date, you know, their stuff and they had to start munching the front header whenever a domain had enforcement. So we're not walking this back. This is moving forward.'

Takeaway:

• Email providers are enforcing DMARC policies and won't reverse these changes.
• Delaying implementation could result in your emails being rejected or not delivered.
• Act now to ensure your emails continue to reach recipients.

Starting DMARC implementation can seem daunting, but taking the first step is crucial for email marketers.

'Don't assume assuming is bad. That's done. Learn empirical evidence. D mark data is there for that purpose. You can't make a guess here, you need to know what it looks like. So absolutely. Don't assume publish that record, collect data, look at the results and your mind's probably gonna get blown and then start your journey.'

Takeaway:

• Begin by publishing a DMARC record with p=none to start collecting data.
• Analyze DMARC reports to understand your email ecosystem.
• Use the insights to move towards DMARC enforcement for security and deliverability benefits.

DMARC compliance has become more important than ever for email marketers due to upcoming changes by major email providers.

'Yeah, it was pretty quick. Immediately after the announcement, we started getting a lot of questions coming in and not only just questions from our existing customer base, but also in ecosystems, all the mailing lists I'm on and there's been a lot of uh, what does that mean? And even almost immediately it trickled down to. Ok. So, does that change anything about the standards, if not? What's my current state? Like, I'm actually good even organizations that were like, yeah, we deployed D Mark, we got to reject months ago. Am I actually ready? So everybody's asking themselves are we actually ready?'

Takeaway:

• Major email providers are enforcing DMARC compliance, making it critical for email marketers to ensure they are ready.
• Review your current email authentication setup to ensure full compliance.
• Start evaluating your email practices now to avoid deliverability issues.