Understanding the following technical issues allows you to discuss these issues with your service provider or decide whether you have the skills to take on the technical challenges to email delivery yourself. If you’re not technically oriented and you find yourself lost in the following sections, skip ahead to the section called “The Benefits of Sending Through an Email Service Provider” so you can determine whether your email service provider takes care of these issues for you.

The industry has settled on two basic authentication mechanisms: SPF/Sender ID and Domain Keys Identified Mail (DKIM), which integrates its predecessor DomainKeys with elements of Cisco’s Identified Internet Mail. Senders need to implement both mechanisms, since they won’t always know which one(s) any given receiver is checking.

Although the basic email authentication technologies have been around for a number of years, it is only recently that there has been significant uptake in the industry. Constant Contact was one of the early adopters: We have had support for SPF, Sender ID, and DomainKeys in our product for quite some time, and added support for DKIM in early 2008.

Microsoft reports that over 90 percent of email marketers are authenticating their email with Sender ID; most major ISPs including Hotmail, MSN, Yahoo, AOL, Comcast, and GMail have implemented authentication on the receiving side. In January 2008 the Authentication and Online Trust Alliance issued a report claiming that email authentication had reached the “tipping point” and issued a call to action to ISPs and other receivers to start leveraging authentication more strongly in their inbound filtering.

Email authentication has benefits for the following parties:

If you (as an individual or a company) own and manage your own DNS domain, you can create and publish your own authentication records. Note that having your own domain name does not always imply that you can manage your DNS entry; whether you have that access depends on your domain hosting provider’s policies. With this level of self-management, it helps to have an experienced IT department or consultant in order to avoid problems with incorrect or out-of-date DNS authentication entries.

Assuming that you do have access to your DNS entry, you next have to decide which authentication information you want to publish. Sender ID (or SPF) is the simplest way to implement authentication on the sender side, since all it requires is that you publish an accurate SPF record. DKIM is somewhat more complex: In addition to publishing the authentication information, your mail servers (or the mail servers of your ESP) need to be prepared to do the cryptographic signing required by the sender side of the DKIM authentication protocol.

The approach you need to take in order to get this information published will differ according to your specific situation, but most people fall into one of three basic categories:

For Sender ID, the record that needs to be published is called the Sender Policy Framework (SPF) record. The SPF record lists all of the email servers that are authorized to send email on behalf of your domain. These servers can be listed explicitly, and they can also be included from an existing SPF record in another domain by including a reference to that external SPF record.

For DKIM, the information that needs to be published in your DNS entry is the public key that receivers will use to validate your DKIM signed messages.

We know that many Constant Contact customers may not be interested in managing Sender ID compliance on their own. The Constant Contact Authentication email setting therefore enables you to turn on Microsoft Sender ID as well as DomainKeys, Domain Keys Identified Mail (DKIM), and SPF authentication for your outgoing email with no effort from you other than selecting your authentication domain name.

One great thing about technology is that it’s constantly improving, and spam filters are no exception. In the past, ISPs relied primarily on block-lists (free lists of “bad” senders) and content (“spammy” words) to filter emails. Now they use far more sophisticated technology to collect data that helps them to establish the reputation of the sender. This reputation will, in large part, determine whether email sent from that sender makes it to the inbox, is filtered into the junk mailbox, or dropped all together.

There are two types of sender reputation. The first is that of the Internet Protocol (IP) address (server address) that an email is sent from. The second is that of the domain name (e.g., www.constantcontact.com). If you send through Constant Contact, you can rely on the reputation of our IP addresses and in some cases our domain name. Some ISPs look at the “From” address to determine the domain name. In this case they would base your reputation on your domain name (e.g., [email protected]), while others look at the actual domain the email is coming from, in this instance, constantcontact.com.

Yahoo!, Hotmail, AOL, and other ISPs have a variety of factors they consider to determine an IP address’s reputation, including:

At present, the IP reputation is the primary factor considered by the ISPs, but the importance of domain name reputation (the second sender reputation) is on the rise. A significant step in building one’s reputation leads back to authentication. When a domain name is authenticated (or validated) by an ISP, it provides the ISP with a reliable identity on which to build the sender’s reputation. Think of it like building good credit. Your credit is tied to your social security number. In this case, your reputation is tied to your domain name. With credit, if you play by the rules and exhibit best practices, you can get loan approval and that shiny new car. When you have a good domain reputation, you get ISP approval and the reward of emails delivered to the inbox.

While no ISPs have made authentication an absolute requirement for incoming mail, they are rapidly moving in this direction. That’s why it is in your best interest to make sure your email is authenticated.

Maintaining a good reputation requires that we set high standards and are selective with who can mail through us. For example, we require our customers to use permission-based email lists. When our team sees signs of a purchased or harvested list, they contact the customer to get more information and sometimes must close an account. This is one of the hardest things we have to do, but keeping our customers’ delivery rates high is our number one priority.