Ensuring Email Deliverability With DKIM
Ensuring Email Deliverability With DKIM

Ensuring Email Deliverability With DKIM

📔

Written by: Jim Wrubel Published on: @August 10, 2021 Last updated: @August 10, 2021

Tools used in this recipe

🧰
Searchable List of Tools, References, and Best Practices

If you've used the Internet for any length of time you've undoubtedly received plenty of spam email. It's been a scourge of the online experience for decades, and although filtering has improved the problem still exists. As an entrepreneur, email is a critical tool in your kit. It can help you reach prospects, encourage repeat orders and product engagement, connect with investors and prospective investors, and more. If your company's email starts getting routinely flagged as spam it could mean the end of your business.

What if I'm using my personal email for business? Spam filtering products generally attach a 'reputation score' to particular email addresses. If enough recipients flag your emails as spam, all of them could be filtered. You can imagine how frustrating it would be to have emails to family and friends be caught in spam along with your business emails. Take the time early in your startup to create a separate corporate email and use an email marketing tool for all of your bulk company email. It'll save you a lot of potential hassle.

As part of the ongoing battle with spam, committees charged with designing Internet protocols added a number of tools to help companies like yours self-identify their emails as safe. In this recipe we'll walk through implementing several of them. You should go through the steps in this recipe every time you allow a new tool to send email on your behalf, and set a reminder every six months to review these settings.

To implement this Recipe you'll need two things already in place:

  • A registered domain name for your startup. In this Recipe we'll use Namecheap but the process is similar for every registrar.
  • An email delivery provider. In this Recipe we'll use Mailchimp but the process is similar for every provider and should be part of their help documentation.

Verifying Your Domain

Before you can implement these techniques (and really, before you can start using them at all), most email delivery providers will require you to verify ownership of your domain. This process generally involves having the email delivery provider send an email to an address at that domain. The email will have a link to allow you to verify the email. It's not a difficult process, but it can vary depending on your email provider. Mailchimp's documentation for their process is here.

Implementing DomainKeys Identified Mail (DKIM) for your company

DKIM is an Internet protocol that helps recipients ensure that the contents of an email haven't changed since they were sent. This helps email recipients protect against spoofing and other man-in-the-middle attacks.

💡

You may also hear about two other email security protocols. Sender Privacy Framework (SPF) allows owners of a specific domain name to indicate which servers (and by extension, which companies) are allowed to send email on their behalf. Some email providers support SPF, and if they do you should implement it (Their help documents will have a guide). Domain-based Message Authentication, Reporting, and Conformance (DMARC) compliments both DKIM and SPF by adding policies that recipient email providers can use to verify the message is legitimate, and also provides a way for recipients to report illegitimate email. DMARC is typically handled by the email delivery provider.

To get started, log in to Mailchimp. Once logged in, find the menu item on the left for Websites. Click it, then select Domains from the sub-menu.

Mailchimp's left navigation showing
Mailchimp's left navigation showing Website → Domains

Scroll down to the section titled Custom Email Domains. Find the domain name you verified (follow the steps above to verify your domain if none are listed). Click Authenticate. The first section gives you a chance to find your domain provider. This step is only used to offer direct navigation to help documentation for the process. In the dropdown, find and select Namecheap.

The first step in Mailchimp's DKIM registration process.
The first step in Mailchimp's DKIM registration process.

Now open a new browser window or tab and log into Namecheap. Find the Manage button for the domain you want to use and click it, then click Advanced DNS. Find the section of the page titled Host Records. At the bottom of the list there will be a button labeled Add New Record. Click that, and select CNAME Record from the list.

Namecheap's Host Record management interface
Namecheap's Host Record management interface

Once you have selected CNAME Record, go back to Mailchimp. Find the entries listed in CNAME 1 for Host and Value. Copy them and paste them in the new row in Namecheap (Value may be labeled Target in Namecheap). Click the checkmark icon to save the row. Now go through the process of adding a new CNAME record again. This time, add the Host and Value from the CNAME 2 entry in Mailchimp, and use the checkmark to save it.

Mailchimp's DKIM record values
Mailchimp's DKIM record values

When you are finished, you should have two entries in Namecheap's Host Records.

Mailchimp's DKIM records entered in Namecheap
Mailchimp's DKIM records entered in Namecheap

With these records in place, email sent through Mailchimp using an email address from your startup's domain will bypass spam filters based on DKIM.

The contents of this Recipe are © Innovation Works, Inc. and are licensed under CC-BY-SA 4.0 . Contact us with questions or feedback, or to learn more about our structured program in Entrepreneurism based on Startup Recipes.