The following information is designed to help you and your IT set up Communications Cloud as an authorized sender for your domain, optimizing the deliverability of Communications Cloud emails both in-house and to media contacts.
Background
Spam emails are a lucrative business model and account for over half of global email traffic in some years. It is therefore hardly surprising that the topic of email authentication and security is playing an increasingly important role. This issue becomes particularly relevant when external systems, such as the Cision Communications Cloud, are used to send emails via a corporate domain (such as "cision.com").
Mail servers worldwide primarily rely on two mechanisms to verify the authenticity of an email: SPF (Sender Policy Framework) and DKIM (DomainKey Identified Mail). Both methods pursue the same goal, namely to enable the receiving mail server to verify the legitimacy of the sender or the sending server. Both methods concentrate on checking and confirming the domain, i.e. the part following the @ character in the e-mail address.
If the receiving mail server has doubts about the authenticity of the e-mail, it reacts accordingly. This reaction can be differently expressed on different mail servers. The e-mail may be marked as spam and/or filtered, or the e-mail may even be categorically rejected before the recipient even becomes aware of it.
So if you notice or have noticed that (test) e-mails sent via the Communications Cloud are filtered into your spam folder or not delivered at all, it is likely that your mail server was unable to authenticate you as the e-mail sender, which is often related to a faulty or non-existent SPF and/or DKIM configuration of the Communications Cloud.
What are the steps for setting up DKIM?
DKIM, which is a rather new method compared to SPF, has become more and more popular in the last few years. In contrast to SPF, DKIM allows the authorization of senders via an encoded key. However, setting up the method for the Communications Cloud is only helpful if it is used in your company. Your IT will be able to inform you on whether DKIM is being used.
If DKIM is used, we strongly recommend authenticating the Communications Cloud via this procedure. The setup here, unlike with SPF, is also partly done on Cision's side. To be able to set up DKIM, we must know the full domain to be used. This can be the domain you use on a daily basis, or a subdomain as often requested in houses with strict IT policies (and then set up for you by your IT).
As soon as we have the domain to be used, we prepare the authentication on our side and provide you and your IT with the necessary data to be processed by your IT, so that the authentication is also confirmed by the domain owner. As soon as these so-called CNAME records are published as part of your entry of the domain name service, the process is completed by a verification on our part and DKIM is available for the established (sub-) domain.
Important note for agencies
Agencies often use one of their customers' e-mail addresses as the sender address in the Communications Cloud. Authentication, which we strongly recommend in this case, must then be published in the DNS by your customer's IT.
If this is not possible, we recommend reverting to your own domain as an alternative and using this for sending, for example via a sender address provided specifically for this purpose, such as [email protected].