We provide email authentication to increase the deliverability and security of your email campaigns. This article explains what authentication is, why it's a good idea to use it, and what your options are for setting it up.
On this page:
- How authentication works
- Why it's important to send authenticated emails
- Email authentication options
- Instructions for setting up email authentication
How authentication works
Because of the way email was originally built it's very easy to forge, meaning an email sender might not be who they say they are. An example of this is an email message claiming to be from your bank, when it's actually a scam aimed at stealing money or spreading malicious software.
Authentication technology prevents this from happening by giving ISPs a record of identification to check, to ensure the sender is legitimate. Emails that fail to pass authentication checks may be blocked or put through additional filters, potentially preventing them from reaching the inbox.
ISPs like AOL, Gmail or Yahoo (as well as corporate email servers) use one or more of these authentication methods to verify sender identity:
There's no agreed best method for authentication and, because of the pros and cons for each, you can't rely on all ISPs using the same one. That's why it's best to employ all of them, and we make that easy to do by authenticating every client in your account by default.
Why it's important to send authenticated emails
ISPs now rely heavily on authentication to fight spam and prevent phishing and other means of fraud.
Authentication is essential for securing your brand and preventing spoofed messages from damaging your online reputation.
Imagine a phishing email being sent from your company because someone had forged your information. Angry recipients and spam complaints resulting from it become your mess to clean up, in order to repair your reputation.
Many ISPs use authentication, among other things, to track sender reputation. Without it, the chances of your emails being filtered are much higher.
Email authentication options
There are three options to choose from when setting up email authentication for a client in your account. These options are explained below.
Authenticate all emails for me
This is the default setting for every client in your account, and it's the simplest option because you don't need to do anything.
On this setting the authentication methods, DKIM and SPF, are set up for you meaning you authorize our servers to send email on your behalf. The emails still look like they're coming from you because you set your own From address, as shown here:
Note: Certain email clients, such as Outlook and Gmail, will add extra sender details to the From field, as shown in the example below:
When this happens, the domain names added will be white label, for example: cmailx.com or x.com where the x is a numeral. If you are rebranding Campaign Monitor, rest assured, the sender domains will never be anything like campaignmonitor.com that points back to us.
Don’t authenticate my emails
With this method your emails will be sent without any authentication at all, which we do not recommend. A couple of years ago it was not as big a problem but ISPs now rely heavily on authentication to fight spam.
However, if the mention of cmail or domains really is a major issue, and you don’t have the capability to manage your own authentication, you can still choose this option.
Your campaigns will still be sent out as normal, and you will still see all the reporting, but you will be risking the deliverability of your emails.
I'll manage my own authentication (recommended)
If you have access to the DNS records for your domain, and a bit of technical knowledge, you can set up your own authentication records.
This is the best option for building and maintaining a good sender reputation. By handling authentication through your domain, it means you have control over all emails that affect deliverability for your domain.
This option is for advanced users because it can be a bit tricky to get working, given the variety of DNS management systems out there. Learn more about this in our guide to setting up email authentication yourself.
Setting up email authentication
To set up email authentication for a client in your account:
- Open Clients from the top of your account page and select the relevant client from your list.
- Open the Client Settings tab and click Authentication Settings, in the right sidebar.
- Select an authentication option (each option is explained above) then click Save settings.