How do ActiveCampaign and other ESPs handle DMARC records during custom return-path setup, and what are the potential issues?
Summary
What email marketers say11Marketer opinions
Email marketer from Gmass explains how setting up DMARC with GMass is an easy process. Once you authenticate with SPF and DKIM you must decide what level of security you want for your domain. You can set a DMARC policy of “none” to simply monitor your mail stream, “quarantine” to send unauthenticated messages to the spam folder, or “reject” to tell the recipient to refuse the messages.
Email marketer from SocketLabs explains the role of DMARC is to instruct receiving servers on what to do with emails that fail SPF and DKIM authentication, and to provide a mechanism for reporting email authentication results back to the domain owner. DMARC works by setting a policy in your domain's DNS records that tells receiving mail servers how to handle messages that fail authentication checks.
Email marketer from Email Geeks explains that presenting a DMARC record to end-users unfamiliar with DNS settings can lead to confusion and duplicate records. He also highlights potential issues with API methods deleting comments from existing DKIM records.
Email marketer from Email Geeks mentions their DNS checker validates existing DMARC records, avoiding the need for users to add a duplicate. Also, using the "Connect a Domain" button creates DNS records via API without duplicating existing DMARC records.
Email marketer from EasyDMARC explains the DMARC quarantine tag. This directs the email receiver to place any email that fails DMARC authentication into the recipient’s spam or junk folder. The quarantine tag provides a middle-ground approach, allowing domain owners to test the waters before fully implementing a reject policy, which is more stringent.
Email marketer from Email Geeks shares that ActiveCampaign now allows all users to set up a custom return-path and verifies all DNS records except DMARC, advising awareness of potential duplicate DMARC record issues.
Email marketer from Email Geeks agreed that existing DNS records should not be replaced with the same record, and the DMARC record should be hidden during manual setup if one already exists.
Email marketer from EmailGeek.com responds that DMARC policy tells the recipient's mail server what to do with messages that fail authentication checks. You can set a DMARC policy of “none” to simply monitor your mail stream, “quarantine” to send unauthenticated messages to the spam folder, or “reject” to tell the recipient to refuse the messages.
Email marketer from Postmark suggests that a common issue is incorrect DMARC configuration, such as syntax errors in the DMARC record or conflicting policies. These errors can lead to legitimate emails being incorrectly marked as spam or rejected. It emphasizes the importance of regularly reviewing DMARC reports to identify and address any issues.
Email marketer from StackOverflow explains that you should configure DMARC records in your DNS zone and the ESP will send you aggregate reports. The user mentioned there is not much the ESP can do to help once you have configured it correctly.
Email marketer from Reddit explains their experience with setting up DKIM in ActiveCampaign, highlighting the importance of following ActiveCampaign's instructions precisely and ensuring the DNS records are correctly configured. They note that once DKIM and SPF are properly set up, DMARC issues are less likely to occur.
What the experts say2Expert opinions
Expert from Spam Resource explains the risks of deploying DMARC to 'p=reject' too quickly without proper planning and monitoring. Linford highlights the potential for legitimate emails to be blocked, emphasizing the importance of a phased implementation and careful analysis of DMARC reports. The risks and benefits of deploying DMARC are that rejecting too soon can prevent legitimate emails from being delivered and that the domain owner has to regularly monitor the daily reports.
Expert from Word to the Wise shares that slow adoption of DMARC could be attributed to the complexity of understanding and implementing DMARC properly. Atkins further explained that it involves coordinating with different departments and dealing with edge cases which makes it difficult to get a handle on legitimate mail streams. It involves understanding SPF, DKIM, and DMARC reports which can be overwhelming.
What the documentation says3Technical articles
Documentation from Mailjet explains DMARC (Domain-based Message Authentication, Reporting & Conformance) as an email validation system designed to protect email domains from being used for unauthorized purposes, such as spam or phishing. It builds on the SPF and DKIM protocols, adding a reporting function that allows senders and receivers to improve and monitor the protection of email.
Documentation from SparkPost explains the importance of setting up a custom MAIL FROM domain (return-path) to improve email deliverability and sender reputation. This involves configuring SPF and DKIM records for the custom domain. It allows senders to control their bounce handling and align their brand with email communications.
Documentation from ActiveCampaign Help Center explains the steps for setting up a custom return-path, which involves adding specific DNS records provided by ActiveCampaign to your domain's DNS settings. It handles the technical configuration required to align your sending domain with ActiveCampaign's servers.