Configuring your account starts with Email Authentication which includes protocols, such as DKIM signature and DMARC policy.
Email authentication is what differentiates legitimate emails from any spam that would use your domain. A suitable configuration proves to your recipients that your emails are legitimate and helps to block emails that are not. Good authentication also establishes your reputation as a sender, helps increase your delivery rates, reduces the risk of having your emails filtered or reported as spam, and improves your recipients' trust in your electronic communications.
Inversely, not authenticating your emails exposes you to risks. If a receiving server cannot prove that a server is entitled to send emails on your behalf, then the following consequences might arise:
- It will be more difficult to gain and maintain, a good sender reputation, and your reputation can be easily damaged by a spam campaign that would aim at the reputation of your domain;
- Your recipients could be informed that the emails “do not seem to come from your domains”, or that the source of the email cannot be confirmed;
- Your domains could easily be used for phishing campaigns since it is impossible to distinguish legitimate from illegitimate emails.
Authentication protocols nowadays are essential. For your emails not to be considered suspicious, there needs to be at least a DKIM signature.
Dialog Insight strongly suggests these quick steps to improve your email delivery. It's quick and easy. Once done, you don't have to worry about it anymore. Follow these simple steps:
- Choose a subdomain that will be used ONLY for your mailings (hyperlinks and senders). We suggest you add a "c" for communication in front of your domain name. (e.g., c.yourdomainname.com)
- Select the email address to forward the answers of your customers. When a customer answers one of your messages, it first passes through our server, which then forwards it to the return address you will provide us. This existing address should be linked to one of your inboxes and should not be used to send your messages.
- Send the information from points 1 and 2 to Dialog Insight at firstname.lastname@example.org.
- Dialog Insight will then send you four NS entries. Your IT team will have to add these entries and authorize us to configure the subdomain for you.
- Once the NS entries are set on your end, just let us know so we can configure everything.
You are now done with the basic configurations for email authentication. If you have any questions or concerns, please contact us!
Once the configuration is completed, you will benefit from the following:
- a personalized domain name for your messages that will give confidence to your customers;
- a DKIM key to sign and ensure the delivery of your emails;
- implementation of a DMARC policy;
- Shared IP addresses for your account. If you wish to use a dedicated IP address, we will send you further instructions.
Learn More on DKIM Signatures
The DKIM signature (Domain Keys Identified Mail) is an Internet standard almost universally supported by major email providers and anti-spam systems.
The DKIM encryption authentication method validates that the email is authorized by the domain owner of the sending domain by adding a digital signature to the email.
This signature is based on asymmetric cryptography:
- The signee (in this case, Dialog Insight) has the private part of the key, which is used to sign emails.
- The public part of the key is indicated in the domain's DNS for which the emails are signed.
When receiving an email, the mail server that finds a signature will look in the DNS servers to retrieve the public key and use it to validate the signature.
When the signature is validated, it indicates 2 things:
- That the email has been signed by a server (Dialog Insight) that has the private key. It is therefore authorized to be signed by the server owner (your company) since the existence of the public key in your DNS indicates that you have accepted that we sign on your behalf;
- That the email was not changed while in transit. If it had been changed, the signature would no longer be valid.
The DKIM signature works as follows:
- A public key of several alphanumeric characters is inserted in the configurations of your domain.
- Dialog Insight has the private key. The domain that receives the email comes from our servers, but since we have the private key, the email coming from Dialog Insight is authenticated.
For more information on DKIM: http://www.dkim.org/
Learn More on DMARC Policy
The implementation of a DMARC (Domain-based Message Authentication, Reporting and Conformance) policy allows a sender to indicate that his emails are protected by DKIM and/or SPF and tells receiving servers what should be done when receiving an unauthenticated email - for example, reject the email or report it as spam. DMARC eliminates uncertainty at reception: although the SPF protocol and DKIM signature helps to prove that an email is legitimate, their absence or failure does not prove the opposite. Your DMARC policy addresses this uncertainty by allowing you to explicitly indicate what should be done with an unauthenticated email.
The site https://dmarc.org contains all the resources necessary to enable your team to understand DMARC, prepare an appropriate policy, and test it. Some more technical tools are also listed in this section: https://dmarc.org/resources/deployment-tools/
Learn More about Tracking Links Customization
On the platform, these customized tracking links are also sometimes called "Custom Trackers," but they can do more than tracking. By default, links interacting with the platform use the platform's domain.
When you use links in a communication and have activated link tracking, Dialog Insight records clicks by replacing your link with a pseudo-link which points to the platform and then redirects to your link. This means that all traffic from a message will first go through the Dialog Insight environment. This pseudo-link uses the custom domain when displayed on hover over the link.
Tracking clicks is not the only use for custom trackers, functions like email Web Version, forms hosted on Dialog Insight and landing pages also use these Custom Domains to make links. Basically, these replacements are done using a domain name associated with the platform (for example: app.dialoginsight.com).
However, your contacts may find these links suspicious: why does a link in a communication lead to "app.dialoginsight.com", when they don't know about this site and certainly do not associate it with your company? To give your recipients confidence and reduce possible phishing complaints, it is essential to set up a domain name that will be used to customize tracking links.