Authenticating Sitecore Emails with SPF and DKIM
Why are my Sitecore emails going to Spam?
If you have a problem with Sitecore emails going to spam, that is, going to the junk folder of your recipients, then it is very likely an issue with your email authentication. Emails failing authentication, be they failing SPF, failing DKIM, or failing DMARC is common, as SPF, DKIM, and DMARC are often not properly implemented by domain administrators. Often, the main cause of Sitecore emails being blocked is due to the Sitecore emails failing DMARC, which in the case of Sitecore, is usually due to a misconfiguration of SPF and DKIM.
How to stop Sitecore emails going to Junk.
The first step to preventing Sitecore email going to spam is to retrieve a failed message and access its header information. This will allow you to quickly diagnose whether any authentication issues such as DKIM or DMARC are flagging your email as spam, instructing the recipient sender to move it to junk. Simply paste the email headers into our free Stellastra Deliverability Tool, which you can use freely with no log in required. Our deliverability tool should allow you to avoid Sitecore emails from going to spam, or at least rule out authentication as the issue.
How to remove 'via sitecore.com' or 'on behalf of sitecore.com'
Another example of where a Sitecore DKIM misconfiguration is to blame, is if your recipients report seeing the message as 'via sitecore.com' or 'on behalf of sitecore.com' and that the emails typically end up in spam or junk. The Stellastra Email Deliverability tool above will confirm this prognosis, however, you may also wish to configure DKIM for Sitecore by logging in to your Sitecore account to check to see if you have followed the following article to configure your Sitecore dkim setup to authenticate your domain.
How to stop Sitecore Failing DMARC
To ensure that your Sitecore campaigns pass DMARC and get delivered to your prospects, it is important to ensure that DKIM and SPF passes authentication for your domain. A common mistake is to sign an email with Sitecore's own DKIM keys. However, in order for Sitecore's email to pass authentication for your own domain, it is necessary to use your own DKIM keys as per Sitecore's own guide. If you wish to verify the above, paste the message headers for a failed Sitecore message into our Sitecore email testing tool. Furthermore, you should also follow the instructions on how to set up SPF authentication for Sitecore.
How can I gain visibility over who is sending with my domain?
Stellastra's email deliverability visibility tool takes reports from all modern inbox providers including Google (Gmail), Microsoft (Outlook), Mimecast, and Zoho to show who is sending email using your domain. This ensures that 1) you are monitoring your outbound emails to diagnose why emails are going to spam, and 2) that you take steps to lock down your domain, become secure, and comply with Google and Yahoo's 2024 bulk email sending policies.
How can I ensure I am compliant with Yahoo and Google's 2024 Email Sending DMARC Guidelines?
Our email deliverability visibility tool will indicate whether you are compliant with Google and Yahoo's February 2024 email guidelines for bulk senders. Google sends us reports alongside all modern email inbox providers.
Brittani Guerra, Marketing Executive, UK Cyber Cluster Collaboration - Stellastra was a massive help and took minutes fixing an email issue that we thought would be extremely time consuming. Stellastra was a hub of knowledge and we couldn't recommend them enough!