Email authentication is a process that verifies that emails are coming from the true sender, so it’s a basic step to staying out of spam boxes. By properly configuring email authentication, marketers help internet service providers (ISPs) accurately identify the origin of their emails, preventing spoofing and phishing attempts designed to make it look like the email is coming from the brand’s domain.
Email authentication also allows marketers to send emails via platforms such as Constant Contact and Mailchimp, yet with the brand’s domain name rather than the platform’s authentication details. So instead of receiving an email from the distribution platform on behalf of the brand, the email appears to be coming from the brand itself.
The most common email authentication protocols are SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-Based Message Authentication, Reporting, and Conformance). Email authentication via these methods is so important for two reasons. First, it helps ensure that emails are not flagged or outright rejected by the customers’ servers, increasing email deliverability rates, and minimizing bounced emails. Second, it helps create a sense of trust and reliability around the brand, so that emails are less likely to be deleted or marked as spam by the recipient. This boosts not just deliverability, but open rates too.
Anti-Spam Compliance
Nobody likes receiving irrelevant and annoying emails. However, it’s not just a matter of personal preference. The CAN-SPAM Act is a federal law in the United States designed to protect consumers from unwanted email and spamming activity, and any brand or business that uses email marketing — even just occasionally — must ensure they are compliant. It’s actually the first national standards for the sending of commercial e-mail and a set of requirements for companies to adhere to.
Using an email marketing platform can make it easier to comply with anti-spam laws, as many of the requirements are built into the system. However, it is important to know the key aspects of the law and abide by them. For example, any marketing email that is used for the purposes of advertising or promotion must be marked as an ad somewhere in the email. Some businesses do this by simply including a line at the bottom of the email stating that “This advertisement was sent to you by [brand name]”. Another rule is that the email must include the physical address or location of the business. If there is no street address, a PO box is also acceptable. More information about CAN-SPAM Act compliance for businesses can be found here.
Apart from the U.S., many countries have their own anti-spam email laws, so it is advisable that brands become familiar with and adhere to the specific laws in all countries they operate in.
Opt-in Compliance
Sending out emails to anyone who’s ever shown interest is not an option. It’s not smart marketing either. These days — particularly as data privacy laws are heating up in the US, Europe, and elsewhere — it is essential to get advance permission from the customer to send them emails for marketing purposes. This is called opt-in compliance.
The simplest way to manage opt-in compliance is with “single permission” opt-in. This means that the customer clicks a “Subscribe” or permission link, and their email is automatically added to the distribution list. In a double opt-in process, there is an extra step in which the customer confirms the initial opt-in.
Single opt-in is a tempting prospect, as it is an easier and quicker way to build email lists. However, it is not necessarily the best way. Firstly, single opt-in may not meet the stricter consent requirements of some of the latest data privacy laws, so in certain countries, it will not be enough from a legal standpoint.
The map below is intended to illustrate the different levels of opt-in required in the EEA on a country-by-country basis:
Secondly, single opt-in has no confirmation step to act as a filter, which means that customers who are less interested in the brand will more likely end up on the email list. This will cause problems later, as these customers are the ones who tend to flag emails as spam or delete them straight away. It will most certainly lead to lower open rates and less successful email campaigns. Opt-in compliance is not just for the customer — it benefits the brand as well by helping to create more focused and relevant email marketing lists.
Of course, brands want to keep unsubscribe rates to a minimum. However, when a customer wants out, it is important to provide them with the clear option to do so. Giving customers the power to opt-out of receiving emails at any time is one of the stipulations of the U.S.’s CAN-SPAM Act.
While including an “Unsubscribe” link at the bottom of every marketing email is a must, there are ways to soften the blow. Firstly, ensure that unsubscribing is easy and straightforward. This will make a good impression on the customer on their way out, and — who knows? — perhaps they will even return one day.
Also, some brands choose to include a short, friendly farewell message or even a quick enticement for the customer to stay on the list. Tread carefully though. It’s important to remember that having uninterested customers on the email distribution list will only skew the campaign data and reduce the effectiveness of the brand's email marketing ROI. So rather than using precious resources convincing customers to stay, focus on other, more worthwhile tactics, such as personalization and segmenting of recipient groups, to boost email marketing results.
GDPR Compliance
When the GDPR (General Data Protection Regulation) was enacted in Europe in 2018, it caused widespread change in the ways that brands and businesses market online to customers. And the long arm of the law reaches email marketing as well.
Under GDPR, emails can only be sent to European customers who have explicitly opted in, or consented, to receive them. If in the past, brands could send marketing emails to any customer who happened to provide their email address, that is not the case with the GDPR. Now, customers have to agree specifically and proactively to receive marketing and promotional emails. Many brands ask customers for consent via a checkbox in a popup message on their website or landing page. However, it is crucial that the checkbox is unticked by default. The customer must actively click in the checkbox to indicate their consent. See below how SuperOffice did it correctly:
Every Europe-based business, or businesses based elsewhere that market to consumers in Europe, must ensure they are compliant with GDPR email marketing laws. Check out the full guidelines here.
To reinforce the guidelines, infringements of this rule can lead to fines up to €20 million or 4% of your global turnover. This is not something to ignore!
For existing customer lists that you acquired pre-GDPR, you need to have a record that consent was given. If your organisation has no record of previously given consent, this means that you do not have a verifiable consent to contact them even under the previous data protection acts so the very act of contacting these customers may be illegal. Practically, this translates into the need to remove those customers from your databases and getting valid consent at future interactions.
Read more on how global data privacy laws are affecting email marketing:
Email deliverability is just the first step in a healthy, successful email marketing strategy. Compelling email campaigns, a robust distribution list, and smart audience segmentation — these are the ways to make sure those emails are delivered to the right inboxes and opened and read by the right customers.