Improve Email Deliverability

Improve Email Deliverability Rates with Proper Authentication: SPF, DKIM, and DMARC

Email deliverability is one of the best ways to ensure that your message gets seen and opened by your subscribers. But what happens when email deliverability goes wrong? The fact is, all kinds of things can and do happen: emails get spoofed and suddenly people who have never heard of your brand get spammed by messages that look like they came from you. 

This, in turn, has a domino effect on your email deliverability rates. More people start marking these spoofed emails as spam and ISPs as well as email providers like Gmail, start taking notice. If you’re sending emails using your domain name, you’ll want to take actionable steps to secure and authenticate your email. 

And although it sounds difficult, with an alphabet soup of abbreviations like SPF and DKIM, the process doesn’t take long and will save you a great deal of headaches while helping to improve email deliverability rates. Let’s get started. 

What Exactly is Email Authentication? 

Think of email authentication as your own digital signature. It’s a way to verify that messages did indeed come from you, instead of a spammer spoofing your email address or an email address that looks like yours trying to get valuable user information by phishing. 

By default, even if you don’t have an extra layer of email authentication, there are several factors that influence the deliverability of your emails, including:

  • The number of spam complaints: Whenever a recipient has marked your email as spam (even if they originally opted in to receive it)
  • The number of bounces: If you send an email to an address that isn’t valid or doesn’t exist any longer
  • The reputation of the IP address youré sending from: The weight of this responsibility is generally firmly on your email marketing service and
  • The domain name reputation of the sender: Based on the previous quality and types of emails you’re sending from that domain name.

What Happens When an Email is Authenticated?

For every email you send, the recipient’s email server looks at the message. Based on the email authentication method you use, your email message either goes to the recipient’s inbox (pass), gets marked as spam (fail) or gets ignored by the server. 

Not having email authentication in place essentially tells the server “this email message may or may not be from a brand that the user is expecting to hear from”. Conversely, with email authentication, the server can instantly know “this message is indeed from this brand and the user is expecting it.”

How it actually works is rather technical, but generally speaking: 

  • The email sender (like Gmail, your ISP or web host) configures their servers with a set of rules that tell other servers how these emails can be authenticated. It then implements these rules.
  • The email server receiving that mail checks to see if the message in question is following those rules and once it’s verified, it authenticates that message.
  • Based on that authentication, the server receiving the email takes a specific action – for example: delivering the email, disregarding the email or flagging the email as spam

Basically, the server receiving your email verifies that you are who you say you are by looking at things like your DNS (Domain Name System) records to see if the email really did come from your domain, as well as other factors to be sure that the email is legitimate and safe to receive.

Important Note: Even if you’ve set up email authentication correctly but they failed the process, it’s still possible for them to be incorrectly flagged as spam. For this reason it’s better to have several methods in place and thoroughly tested while regularly monitoring them to see how they impact your email deliverability rates. 

How to Set Up Email Authentication

If you want to set up an email authentication method, your first step will likely involve either creating some DNS records or uploading a file to your web hosting provider. Your email marketing company can provide you with this information, or it may easily be found in their respective knowledge bases. For example: 

How to Set Up DKIM and SPF in AWeber

How to Set Up DKIM in GetResponse

How to Send DMARC-Compliant Mail in GetResponse


This alphabet soup of acronyms refers to the various authentication methods that email providers use to help email servers verify that the emails do indeed come from your brand or your company.  SPF, for example, stands for Sender Policy Framework and this method of authentication looks to see if the sender’s return-path header is faked. 

It does this by looking at which IP addresses and servers are allowed to send emails from that specific domain name. However, by itself, it’s not very strong. That’s why SPF is best used together with DMARC or DKIM to prevent your emails from being spoofed.

DKIM, which stands for DomainKeys Identified Mails, helps locate fake/spoofed return-path headers just like SPF, but the difference is that it takes the authentication process a step further by adding a sort of “digital signature” to the outgoing email. The receiving email server then looks for this snippet of text in addition to the IP addresses allowed to send from that server.

For added security, there are two keys: public and private. The public one goes in the DNS record and the private one sits on your email servers. The receiving email server looks for both of these keys to determine if the email is allowed to be delivered. 

DMARC takes this idea even one step further by looking not only at the sender’s credentials, but the recipient’s as well. Like DKIM, DMARC needs SPF as a foundation for it to work correctly. Think of both DMARC and DKIM as an extra layer of security and protection to help further improve email deliverability rates. 

Why Use Email Authentication to Improve Email Deliverability? 

Simply put, anyone can send an email and make it look like it came from anywhere else. Email authentication not only helps protect your credibility and your brand but also assures your readers that you are indeed from your company and that you are legitimate. If you happen to notice a high number of bounces when sending out your emails to your subscribers, it may indicate an issue with your email authentication process. 

To that end, it’s always a good idea to have either SPF + DKIM or SPF + DMARC in place. Done  correctly, this will not only increase the deliverability rate of your emails, but will also further help solidify trust and credibility between you and your subscribers. 

Which Email Marketing Company Has the Highest Deliverability Rates? 

Deliverability rates can vary from month to month, but we’ve found that GetResponse tends to have among the highest, followed by ConvertKit and then AWeber among top email marketing companies. Each one of these companies offers a free trial and some offer free accounts for life if you have a small number of subscribers. It’s a great way to try them out and get a feel for how they operate as you gauge deliverability levels for yourself to determine which one could be right for your business and your brand.