Domain authentication is key to successful email communications. It prevents email fraud and improves deliverability by proving to inbox providers that you own the domain you're sending from. In other words: it is a large step in ensuring that your marketing emails successfully land in your recipients' inboxes and not their junk folders.
How it Works
You can think of it like having an ID badge to get into an office space: In order to get in, you have to swipe/tap your badge on the security reader in order to gain access. So, if you have one, getting into the office shouldn't be too hard. But if you don't have one, it could be either difficult or impossible. And even if you do get in without a badge, you might get some confused looks because no one knows who you are.
Once you get in, you have your own cubicle assigned, but you still share the whole office with several employees. Generally, if everyone is respectful of the space, there should be limited to no problems. But if someone leaves their lunch in the refrigerator for 5 months, it ruins that particular shared space for everyone in the office. Now, in some cases, an employee might pay a little extra to have their own office so that they don't have to worry about any lunch shenanigans. But, in most cases, most employees will be assigned to a few shared office spaces.
So, the email authentication process for Virtuous is like the process of providing an ID badge to an employee to allow access to an office space.
- When you talk to the building manager, you exchange information and determine if you want to be part of a collective office space or have your own office. If you choose a shared space, then the building manager will assign your collective space based on your history of using shared offices. A badge is created for you to indicate that you are an approved person to use that office.
- Similarly, we use a Sender Policy Framework (SPF) that determines which IP addresses are approved to send email for a particular domain. If your IPs will be included in a pool shared by other organizations, we will assign that pool to you.
- If you try to get into an office without talking to the building manager first, again, it could be either difficult or impossible. And even if you do get in without a badge, you might get some confused looks because no one knows who you are.
- Without email authentication: If your recipients even receive your marketing emails, they will see them as coming 'via sendgrid.net' and not from your domain. Email service providers won't be able to tell where emails are coming from, so they won't be able to trust them, and in return, emails could be filtered out of recipients’ inboxes.
- When you try to get into an office with a badge, it's generally easy.
- With email authentication: Recipients will not see emails coming in as 'via sendgrid.net,' so it builds trust with recipients knowing that the email is coming from you. When email service providers know who the email is coming from, it will also build trust with them, which means emails will be less likely to be filtered out of inboxes.
- When you share an office space, no matter what kind of space it is, it is important to be respectful of your coworkers.
- When assigned a pool: Consider email best practices as you develop your marketing strategy.
Now, let's talk about the information transfers needed in order for approval.
How to Authenticate
- Contact technical support - let them know you would like to have CNAMEs created and what the records are for, along with any additional information that might be needed.
- Confirm your primary sending domain (@example.org).
- Once confirmed, technical support will create CNAME records and send them to you.
- Add these CNAMEs to your DNS provider. If you are unsure about how to do this, reach out to your web host's support team - they will likely be able to help.
- Contact technical support to let them know these CNAMEs have been added.
- Technical support will complete the verification process to finalize setup.
Note: Some providers can take up to 48 hours to propagate.
Adding SPF Record (Best Practice)
In most cases, the instructions above should suffice. But in some instances, you may need access to our SPF record:
v=spf1 include:spf.crm.virtuoussoftware.com ~all
Keep in mind: The above SPF record does not take your current SPF settings into account, so you will need to combine them to have a full SPF record.
To continue creating your own: In our record, after v=spf1, add all entities authorized to send email on your behalf. Then, publish this SPF record into your DNS.