
    Understand how DMARC protects your domain reputation

    DMARC is a key safety mechanism that online businesses use to protect their email sending domain reputation. Learn how DMARC works to prevent bad actors from spoofing and impersonating your brand.

    The dark side of email

    Email is a quick and accessible form of communication that is pretty universal. Most digital consumers have a personal email address. While this widespread availability is great for many reasons, it also makes email an easily accessible tool for bad actors.

    Scammers can easily pose as a legitimate business, set up a fake business, or steal contact information that they use to scam and defraud folks via email. Email inbox providers have developed sophisticated protocols and algorithms to identify emails as suspicious or potentially harmful, and quarantine them to the spam folder or block them altogether.

    So if you’re a good sender with good intentions, what can you do to prove you are legit? That’s where DMARC comes in.

    What is DMARC?

    DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a policy or rule that protects your domain from unauthorized use within an email’s from-address.

    Think of it as a fingerprint scan for email. DMARC makes sure that the sources of all messages coming from your domain are authorized by the domain owner and helps you prove your authenticity to inbox providers.

    It’s important to know that since your DMARC policy is stored in your DNS records, it applies to all emails that are sent from your domain across the entire internet.

    That means that any tool you use to send email with your domain in the from-address needs to be DMARC compliant in order for your emails to be delivered successfully. This could include help desk software, CRM software, your ecommerce platform, and more. In other words, the reach and impact of setting up DMARC extends far beyond Klaviyo.

    Set your Klaviyo account up for DMARC compliance

    In order to be considered a legitimate sender by inbox providers, you’ll need to make sure your Klaviyo account is set up to be DMARC compliant. Follow the steps below to achieve DMARC alignment and set your account up for good deliverability.

    Set up a branded sending domain that aligns with your root domain

    In order to pass DKIM and SPF, you must have a branded sending domain (also known as a dedicated sending domain). You can configure this in your Klaviyo account settings. This process will prompt you to update your DNS records with additional rows. These new records will enable you to pass DKIM and SPF.

    Place a DMARC policy into your DNS records

    While setting up your branded sending domain, toggle on the option to include a DMARC policy TXT record to your record set.

    This will add a TXT record with the name _dmarc and a value of v=DMARC1;p=none; to your DNS records.

    You can update this later to change the p value or set up an rua tag with a valid email address to receive DMARC reports, such as "rua=mailto:dmarc-reports@mybrand.com". If you need additional support, consult your IT team or engage a third-party service that specializes in DMARC to help your business manage and maintain compliance.
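
    To review a record value before or after publishing it, the sketch below parses the tag list and flags the settings discussed above. It is an added example, not Klaviyo code; the function names are hypothetical and the sample values are the ones shown in this guide.

```python
VALID_POLICIES = {"none", "quarantine", "reject"}

def parse_dmarc(record):
    """Split 'tag=value;' pairs into a dict; v=DMARC1 must be the first tag."""
    tags = {}
    parts = [p.strip() for p in record.split(";") if p.strip()]
    for i, part in enumerate(parts):
        name, sep, value = part.partition("=")
        if not sep:
            raise ValueError(f"malformed tag: {part!r}")
        name, value = name.strip().lower(), value.strip()
        if i == 0 and (name, value) != ("v", "DMARC1"):
            raise ValueError("record must start with v=DMARC1")
        tags[name] = value
    if not tags:
        raise ValueError("empty record")
    return tags

def review_dmarc(record):
    """Return a list of findings for a DMARC TXT record value."""
    tags = parse_dmarc(record)
    findings = []
    policy = tags.get("p", "").lower()
    if policy not in VALID_POLICIES:
        findings.append("p tag missing or invalid")
    elif policy == "none":
        findings.append("p=none: receivers are asked to take no action on failing mail")
    # rua may hold several comma-separated report addresses
    rua = [u.strip() for u in tags.get("rua", "").split(",") if u.strip()]
    if not rua:
        findings.append("no rua tag: aggregate reports will not be sent")
    for uri in rua:
        if not uri.lower().startswith("mailto:") or "@" not in uri:
            findings.append(f"rua URI is not a mailto address: {uri}")
    return findings

if __name__ == "__main__":
    for rec in ("v=DMARC1;p=none;",
                "v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@mybrand.com"):
        print(rec, "->", review_dmarc(rec) or "no findings")
```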

    Test and verify your compliance

    Send a few test email campaigns to yourself and your team, and then review the headers of those emails to check if they are compliant with the DMARC policy that you set up. To do this, open the email in your email client and then click “Show original”. This will open the full text (including headers) of the email. You’ll be able to see whether the message passed SPF, DKIM, and DMARC.

    Need more help with this? Read our guide on how to verify email authentication using email headers.
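
    The same check can be scripted against the raw text of a test message. This added example (not Klaviyo code) reads the Authentication-Results header and tests whether the DKIM and SPF domains align with the from-address domain. It assumes relaxed alignment, approximates the organizational domain as the last two labels, and uses a constructed sample message with placeholder domains.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not a real capture); domains are placeholders.
SAMPLE = """\
Authentication-Results: mx.example.net;
 dkim=pass header.i=@send.mybrand.com header.d=send.mybrand.com;
 spf=pass smtp.mailfrom=bounce@send.mybrand.com;
 dmarc=pass (p=NONE) header.from=mybrand.com
From: My Brand <hello@mybrand.com>
Subject: Test campaign

Hello
"""

def org_domain(domain):
    # Assumption: organizational domain = last two labels. Real receivers use
    # the Public Suffix List, which this simplification ignores (e.g. co.uk).
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def check_auth(raw):
    """Return SPF/DKIM/DMARC verdicts plus relaxed-alignment flags."""
    msg = message_from_string(raw)
    from_dom = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    header = " ".join(msg.get_all("Authentication-Results", []))
    header = re.sub(r"\([^)]*\)", "", header)  # drop parenthesised comments
    result = {m: "missing" for m in ("spf", "dkim", "dmarc")}
    for method, verdict in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", header):
        result[method] = verdict.lower()
    # Simplification: only the first DKIM signature domain is examined.
    dkim_d = re.search(r"header\.d=([\w.-]+)", header)
    mailfrom = re.search(r"smtp\.mailfrom=(?:[^\s;@]*@)?([\w.-]+)", header)
    target = org_domain(from_dom)
    result["dkim_aligned"] = bool(dkim_d) and org_domain(dkim_d.group(1)) == target
    result["spf_aligned"] = bool(mailfrom) and org_domain(mailfrom.group(1)) == target
    return result

if __name__ == "__main__":
    print(check_auth(SAMPLE))
```

    A message can show spf=pass or dkim=pass and still fail DMARC when neither domain aligns with the from-address, which is why the alignment flags are reported separately.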

    Monitor your DMARC results

    Periodically read through the DMARC reports that are emailed to you from your DMARC policy. While these are not the most user-friendly reports, your IT team will be able to review these reports to catch any irregular activity. DMARC reports are sent to the email address that you listed under the rua and/or ruf tags in your DMARC TXT record.

    It is highly recommended that you look into using a third-party tool or service to help you with ongoing DMARC management. You can find some links to trusted tools in this article.

    Use an engagement-based email sending strategy

    Be sure to send emails through Klaviyo using an engagement-based sending schedule. This refers to varying the audience targeting of your campaigns on a routine basis to send most often to the most engaged subscribers, folding in less engaged subscribers on a less frequent basis. Avoid messaging unengaged profiles to protect your deliverability. Want help improving your sending strategy?

    Learn more about how to create an engagement-based sending schedule.

    Does DMARC guarantee that you’ll land in the inbox?

    Unfortunately, no. DMARC only addresses the first layer of security by verifying that an email was sent from an authorized domain. Even messages that pass DMARC can still be harmful or unwanted for recipients.

    So what other factors determine whether you land in spam once you are DMARC compliant?

    Consent status

    Only send marketing messages to people who have explicitly opted in to them.

    Your contact collection forms should never be pre-checked to opt-in, because this can lead to higher unsubscribe rates down the line.

    Never purchase contacts from a third party.

    Easy unsubscribe

    You need to make it easy for your contacts to unsubscribe at any time without having to work too hard.

    Every message you send should have a one-click unsubscribe option in the header of the email (Klaviyo will take care of this automatically on your behalf).

    Additionally, you should also place a clearly visible unsubscribe link or manage preferences option at the bottom of your emails.

    Spam rate

    Monitor your email deliverability metrics regularly. Aim to keep your spam rate below 0.10%, and do not let it exceed 0.30%.

    You can keep your spam rate low by suppressing unengaged contacts on a regular basis, and following an engagement-based sending strategy.

    Chart showing spam complaint rate fluctuating over time

    Email content

    If the code weight of a message is too heavy, your messages may be clipped. This can be frustrating for recipients, and may cause unnecessary unsubscribes or spam reports.

    Image-only emails are also seen as suspicious by inbox providers because they cannot scan any of the text within the image.

    Make sure your messages follow a text-to-image ratio that is roughly between 60:40 and 80:20 (mostly text with a few supporting images). Also, be sure all images have alt-text applied.

    Engagement-based sending

    At the end of the day, your segmentation strategy has a huge impact on your spam and unsubscribe rates.

    We recommend always sending on an engagement-based sending schedule. This means sending to your most engaged customer segment most often, and sprinkling in other engagement tiers less frequently to ensure you are not bombarding recipients.
