In a recent article, we examined some of the key issues that are involved with sending bulk emails to your prospects and customers. Probably one of the worst consequences you can face is that of being completely blacklisted, where your domain is no longer accessible to the outside world.
In this article, we look at some other ways to make sure your emails get through.
What Are The Other Methods?
Some of the newer methods that you have to use now, especially if you make use of your personal email accounts to send bulk emails, most notably from Yahoo and Google (Gmail), are as follows:
- Keeping a threshold:
Most Internet Service Providers (ISP’s) also usually provide email services along with your web hosting account. They too are leery of having their account holders sending out too many emails which get marked as “Spam”. As a result, they have established thresholds for this, and if you cross any one of them with the bulk emails that you send out, they will blacklist you in their own way, depending upon what their policies are. The same is now taking hold for both Yahoo and Gmail. For example, with both of them, the original “Spam” rate was as high as 0.30%. Now, they are significantly lowering that to just 0.10%. The bottom line here is that if you are still using them as bulk emailing providers, you now have to carefully scrutinize your “Spam” related metrics.
- Email authentication:
Given the boom of Generative AI these days, it is almost impossible to tell what is a legitimate email and one that is not. Therefore, both Yahoo and Gmail are now requiring their account holders to add extra layers of authentication to your bulk emails in order to confirm their authenticity and legitimacy. In addition, Google is pushing for a new standard called BIMI, which requires a registered trademark through the US Patent and Trademark office (USPTO). This is another level of proof that you are who your domain represents. Here is what will be required:
- Using SPF (Sender Policy Framework):
This is a method of email authentication that helps validate mail sent from your account]to prevent spoofed senders that are used in business email compromise (BEC), ransomware, and other phishing attacks.”
(SOURCE: 1).
In simpler terms, this is a way of confirming not only the identity of you and your business, but also that your email is the real thing. It also includes your digital signature.
- Using DKIM (DomainKeys Identified Mail)
- This is a standard that uses public/private key cryptography to sign email messages. A DKIM record verifies that the email came from the domain with which the DKIM key is associated and that the messages have not been modified in transit.”
(SOURCE: 2).
This not only validates you and the emails you send, but it also ensures that those messages have not been intercepted and altered by a malicious third party. This is done by using Cryptography.
- Using DMARC (Domain based Message Authentication, Reporting, and Conformance)
“[DMARC] is a standard that prevents spammers from using your domain to send email without your permission — also known as spoofing.”
(SOURCE: 3).
In other words, this functionality helps to prevent the Cyberattacker from not only using your legitimate domain name, but also mitigates the risk of them stealing your email address book. For example, with the latter, once it has been hijacked, a Cyberattacker can take any of the contact details (like the name and email address), and use that to send out a Phishing based email that looks legitimate, because it is using your domain.
- Using BIMI (Brand Indicators for Message Identification – bimigroup.com)
“[BIMI] leverages the work an organization has put into deploying DMARC protection, by bringing brand logos to the customer’s inbox. For the brand’s logo to be displayed, the email must pass DMARC authentication checks, ensuring that the organization’s domain has not been impersonated.”
(SOURCE: 4).
In other words, this functionality helps to further prevent the Cyberattacker from not only using your legitimate domain name, but also mitigates the risk by forcing the verification to be a registered trademark with the United State Patent and Trademark Office. BIMI strengthens DMARC verification and provides less risk to users that are receiving emails from your organization.
Conclusions
Abiding by these new mandates from both Yahoo and Google can truly be an administrative headache, if you are trying to do all of this manually. Therefore your best options to alleviate this are as follows:
- Use an email services provider like SENDGRID
- Set up an M365 business account where all of these tools are provided to you at no extra charge.
- Submit the necessary legal protection for your brand by filing a Trademark with the US Patent and trademark office for your BIMI logo.
If you are interested in the last option, contact us today.
Sources