Setting Up Advanced Email Authentication for FWM

The most important element of sending emails is ensuring those emails make it to the inbox of the recipient. This is true for your normal emails and equally important for your marketing emails through FWM, as well as the thank you emails FWM sends out on your behalf when someone fills out a form on your website.

The steps below will ensure that you are set up for success with the emails sent by Foster Web Marketing on behalf of your business. These are all standards you should employ with your email platform as well. You may need to reach out to your company for assistance implementing them.

  1. DKIM adds a digital signature to every outgoing message, which lets receiving servers verify the message actually came from your organization. Ensure you have a DKIM record setup in DNS for your domain. This should be done through your Cloudflare account or, for a handful of clients, through whatever DNS solution you use. You need to add a CNAME record that points dkim._domainkey.yourdomain.com to dkim._domainkey.email-od.com. 
  2. SPF Specifies the servers and domains that are authorized to send email on behalf of your organization. Because FWM is sending email on your behalf for marketing emails as well as thank you emails, we need our email servers to be included in the list of servers authorized to send email on your behalf. You should have a TXT record for the root (@) of the domain with include:email-od.com as part of the record. Here is an example of a full SPF record for a client that uses Office365 for their normal email and also has an entry for the FWM email servers: v=spf1 mx a include:email-od.com include:spf.protection.outlook.com ~all.  At a minimum, you need a TXT record that looks like this: v=spf1 include:email-od.com ~all.
  3. DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email authentication, policy, and reporting protocol. It builds on the widely deployed SPF and DKIM protocols, adding linkage to the author (“From:”) domain name, published policies for recipient handling of authentication failures, and reporting from receivers to senders, to improve and monitor the protection of the domain from fraudulent email. You should have a DMARC TXT record that at least implements the bare minimum filtering standards. Increasing the amount of your email that checks these policies will only reduce the amount of emails getting to inboxes in the short term. A default DMARC TXT record looks like this: v=DMARC1; p=none; ruf=mailto:[email protected]; rua=mailto:[email protected]; aspf=r; pct=0; adkim=r.  You can replace the email addresses with an address you or your IT company can monitor for issues.
  4. Email tracking allows us to provide clients with feedback on open rates, click rates, and other information on the delivery of emails. Two DNS records are required for tracking and the associated bounce domain. You need to add a CNAME record pointing tracking.yourdomain.com to tracking.socketlabs.com and a second CNAME record pointing bounce.yourdomain.com to tracking.socketlabs.com.
  5. Once you have created the above DNS entries, send an email to [email protected] requesting the setup of domain authentication and provide your website domain. We will send a response email when the authentication is confirmed and complete. If you run into problems or have questions in this process, please get in touch with us at [email protected] or call 888-886-0939.

How To Work With Us

We don't just build you a website that out-performs all other websites. We don't just provide Digital Marketing Services (SEO, PPC, Social Media, Content) to raving fans.

Selecting from the menu items above answers 90% of questions most folks have about working with us!