Authentication of sender domains

Ever get an email that claims it’s from your bank, or eBay, or PayPal? One that actually looked pretty real, but it turned out to be a forgery? That’s the problem with email: it was originally created to be an extremely easy way to communicate, but it also happens to be extremely easy to forge.

Authentication is a way to prove an email is not forged

Authentication technology allows the receiver of an email and the ISP to confirm the identity of your sender address. If the identity of your sender address cannot be authenticated, then ISPs may reject your messages, or put it through additional filters to determine if it should be delivered. Without authentication, your chances of being filtered or blocked by major ISPs are greatly increased. By authenticating your domains, you can instantly bypass certain filters, giving your campaigns a better chance of arriving in the destination inbox. Not only that, but many ISP’s like Yahoo! and Hotmail will flag your email as authenticated, which helps to build trust between you and your subscribers and improves the chances of your emails being opened.

Common types of authentication

There are 4 most common types of authentication:

  • SPF
  • SenderID
  • DomainKeys
  • DKIM

There’s no “best authentication method”. They all have their advantages and disadvantages. Some simply require a file on your server that can be cross-referenced by a receiver (SPF, SenderID). These methods are easy to implement, but some say not as secure. Other types of authentication (Domain Keys, DKIM) actually embed code in the email itself. These methods make it tougher to forge emails, but they can also be tougher for both the sender and receiver to implement. Because of the various pros and cons, different receivers choose to check for different types of authentication.

Receiver DKIM Domain Keys SenderID SPF
AOL  Yes  Yes  Yes
AT&T/Bellsouth  Yes  Yes  Yes
Bell Canada  Yes  Yes  Yes
Charter  Yes
Comcast  Yes  Yes  Yes  Yes
Earthlink  Yes  Yes  Yes
Gmail  Yes  Yes  Yes
United Online/Juno/NetZero  Yes  Yes  Yes  Yes
RoadRunner  Yes
Rogers Cable [2]  Yes  Yes  Yes
Verizon  Yes
Yahoo! Mail  Yes  Yes  Yes

Carma support of authentication methods

DKIM Domain Keys SenderID SPF
Carma  Yes  Yes  Yes  Yes


How to set up authentication

For more information about how to set up authentication in Carma, please click here.

Next: Tracking domains

This is an article in the Carma Campus Class in Deliverability