How to Avoid SPAM Filters – Part 1: Authentication
When you send newsletters to your users, it is very important to avoid spam filters and deliver to their inbox.
In this series of articles, I will provide you with useful and practical ways to avoid spam filters and stop newsletters from falling into the spam or junk folder.
This is part 1 and we will look at email authentication using SPF, DKIM and DMARC to ensure reliable delivery. Those three abbreviations might sounds very complicated and put you off from reading the rest but they are one of the most important parts to avoid the spam folder so please bare with me and I’ll explain.
What is Email Authentication?
In short – email authentication is a way for you to prove to receiving mail servers that you are who you say you are.
When a receiving mail server can verify that the email comes from the origin it says it does, they are less likely to mark it as spam or junk for their users. This verification is done in 3 possible ways namely SPF, DKIM and DMARC. Some email servers use 1, 2 or all 3 of those but your newsletters should be signed with all 3 to make sure you have all your bases covered.
The technology behind email authentication and verification is a bit more complicated but luckily your newsletter software, hosting provider or email sending relay provides you with a quick and easy way to simply turn these on without having to dig into the technicalities of it.
How to Turn On Email Authentication
You’ll need to turn each of these email authentication methods on individually but your provider should provide you with a centralized place to do that.
Here are the 3 types of email authentication and how to turn them on:
1. DKIM (Domain Keys Identified Mail)
DKIM ensures that the email is still the way it was when it was sent and that it wasn’t changed in transit.
Use one of the following methods to turn DKIM on:
1.1. In the Newsletter plugin
If you are using our WordPress Newsletter plugin, you’ll find a DKIM wizard in the plugin under Newsletters > Configuration > General > General Mail Settings which will walk you through the steps of setting up DKIM accordingly. See the DKIM wizard documentation for more information.
1.2. Inside Hosting Control Panel
Depending on what type of hosting control panel you use, the setup may differ but since cPanel is the most popular, we’ll go with that. You can turn on DKIM under Home > Email > Authentication inside of cPanel. See their Email Authentication documentation for more details.
1.3. Email Provider/Relay Service
Most of the email relay services such as Mailgun, SendGrid, Amazon SES, etc. have DKIM settings built into their user panel so you can turn it on there. See the relevant documentation of your email relay service for instructions on how to enable DKIM.
2. SPF (Sender Policy Framework)
This is the oldest method of email authentication. SPF allows ISPs to check if the IP address that the email was sent from is in a list of allowed IPs in the sender’s DNS records to verify whether or not the sender is who they say they are.
Use one of these steps to enable SPF:
2.1. Inside Hosting Control Panel
Again, looking at cPanel hosting control panel for example, you can turn on SPF under Home > Email > Authentication. See their SPF documentation for further information on how to enable SPF inside cPanel.
2.2. Email Provider/Relay Service
Most of the email relay services, such as MailGun, SendGrid, Amazon SES, and others, have SPF settings built into their user panel so you can turn it on there. See the relevant documentation of your email relay service for instructions on how to enable SPF.
3. DMARC (Domain-based Message Authentication, Reporting, and Conformance)
DMARC is the newest of the email authentication methods and the most powerful as well. It is relatively new and not required by everyone though it harnesses the power of both SPF and DKIM to help the sender and receiver work together to create a secure email environment.
Most hosting control panels don’t officially support DMARC yet and some email relay services don’t either but you can do this with the use of a DNS record. See these instructions to setup DMARC in cPanel for example.
I am the owner at Tribulant Software and I have a great passion for WordPress, development, blogging and the Internet in general. Building useful plugins to improve WordPress’ functionality is my goal.