Suped

How do non-branded domains and shared SFMC hostnames impact email deliverability and what configurations are best?

8 Marketer opinions9 Expert opinions5 Technical articles2 Resources

Summary

Using non-branded domains and shared SFMC hostnames can negatively impact email deliverability, especially if those domains develop a poor reputation at Gmail. Sharing IP addresses or hostnames with other senders, particularly within SFMC/ExactTarget, can lead to deliverability issues due to shared reputation. While domain mismatch isn't a critical problem, controlling your hostnames offers a better sending experience. Authenticating your sending domain using SPF, DKIM, and DMARC is essential to prove your legitimacy to ISPs and prevent spoofing. DMARC builds on SPF and DKIM, allowing you to set policies for handling unauthenticated emails. While SPF alignment is helpful, DKIM alignment is more crucial. Implementing SAP (Sender Authentication Package) with branded DKIM, SPF, and custom domains for images/clicks/views is recommended to improve deliverability and brand consistency. Utilize subdomains for email to isolate your email sending reputation. A secure email gateway also aids in safeguarding against attacks. Multi-bounce domains can provide SPF alignment for both domains when sending. Follow best practices and avoid unwanted email to ensure reliable delivery to Gmail and other providers. Maintaining a positive sender reputation is critical; poor reputations can lead to emails being filtered as spam or blocked. It's important to implement strong security measures to protect against attacks and maintain a positive sending reputation.

Key findings

  • Shared Reputation Risks: Shared IPs and hostnames tie your deliverability to the sending practices of other users on the same platforms, such as SFMC/ExactTarget.
  • Authentication Importance: SPF, DKIM, and DMARC are vital for authenticating your sending domain and improving deliverability by verifying that you're authorized to send emails.
  • DMARC Functionality: DMARC builds on SPF and DKIM by allowing you to set policies for handling unauthenticated emails, such as rejecting or marking them as spam.
  • SAP Benefits: Implementing SAP with branded DKIM, SPF, and custom domains is recommended to improve deliverability and brand consistency.
  • Dedicated IPs and Subdomains: Switching to a dedicated IP address or using a subdomain for email can provide more control over your sending reputation, isolating it from other senders.
  • Sender Reputation Impact: Maintaining a positive sender reputation is critical, as poor reputations can lead to emails being filtered as spam or blocked.
  • Best Practices: Following best practices and avoiding unwanted email ensures reliable delivery to Gmail and other email providers.

Key considerations

  • Authentication Implementation: Implement SPF, DKIM, and DMARC records to authenticate your sending domain and prevent spoofing.
  • IP Address Selection: Consider the pros and cons of shared vs. dedicated IPs based on your sending volume and desired control over reputation.
  • Subdomain Strategy: Evaluate using a subdomain for email sending to isolate your email reputation from your main website's reputation.
  • DMARC Policy Setting: Set a DMARC policy to instruct recipient servers on how to handle unauthenticated emails, providing reporting to domain owners.
  • SAP Consideration: Consider implementing SAP to gain more control over your sending reputation within Salesforce Marketing Cloud.
  • Sender Reputation Monitoring: Monitor your sender reputation regularly to identify and address any deliverability issues promptly.
  • Email Gateway Security: Implement a secure email gateway to protect against attacks and spam, contributing to a positive sending reputation.

What email marketers say
8Marketer opinions

Using non-branded domains and shared SFMC hostnames can negatively impact email deliverability due to shared IP and domain reputation. When sending from shared IPs, your reputation is linked to other senders, making you vulnerable to their sending practices. Authenticating your sending domain with SPF, DKIM, and DMARC is crucial for proving your legitimacy to ISPs. DMARC builds upon SPF and DKIM by allowing you to set policies for handling unauthenticated emails. Switching to a dedicated IP or using a subdomain for email can provide more control over your sending reputation, isolating it from other senders. Maintaining a positive sender reputation is critical, as poor reputations can lead to emails being filtered as spam or blocked. Proper authentication also prevents spoofing and builds trust with recipient servers.

Key opinions

  • Shared Reputation: Shared IPs and domains tie your deliverability to the sending practices of other users on the same platform.
  • Authentication: SPF, DKIM, and DMARC are crucial for authenticating your sending domain and improving deliverability.
  • Control: Dedicated IPs and subdomains give you more control over your sending reputation.
  • Positive Reputation: Maintaining a positive sender reputation is vital to avoid spam filtering and blocking.

Key considerations

  • IP Choice: Consider the pros and cons of shared vs. dedicated IPs based on your sending volume and risk tolerance.
  • Authentication Setup: Implement SPF, DKIM, and DMARC to authenticate your sending domain and improve deliverability.
  • Subdomain Use: Evaluate using a subdomain for email sending to isolate your email reputation.
  • Reputation Monitoring: Monitor your sender reputation to identify and address any deliverability issues promptly.
Marketer view

Email marketer from SparkPost explains that using a subdomain specifically for email sending (e.g., mail.yourdomain.com) allows you to isolate your email reputation from your main website's reputation. This helps protect your brand in case of deliverability issues.

February 2024 - SparkPost
Marketer view

Email marketer from Litmus shares that DMARC (Domain-based Message Authentication, Reporting & Conformance) builds upon SPF and DKIM by providing a policy that tells recipient servers what to do with emails that fail authentication checks, such as rejecting them or marking them as spam. It also provides reporting to domain owners.

March 2024 - Litmus
Marketer view

Email marketer from Microsoft highlights the importance of maintaining a positive sender reputation. Senders with poor reputations are more likely to have their emails filtered as spam or blocked entirely by Outlook.com and other Microsoft services.

January 2025 - Microsoft
Marketer view

Email marketer from Email Marketing Forum shares that switching to a dedicated IP address gives you more control over your sending reputation. You're not affected by the actions of other senders, but you're also solely responsible for maintaining a good reputation.

December 2022 - Email Marketing Forum
Marketer view

Email marketer from ZeroBounce shares that proper email authentication is crucial for boosting deliverability. This includes setting up SPF, DKIM, and DMARC records to verify your domain's legitimacy and prevent spoofing.

September 2022 - ZeroBounce
Marketer view

Email marketer from Mailjet Blog shares that using shared IP addresses means your sending reputation is tied to other users on the same IP. If they send spam, it can negatively affect your deliverability, highlighting the importance of monitoring IP reputation.

August 2023 - Mailjet Blog
Marketer view

Email marketer from Reddit explains that using SFMC's shared domains (like exacttarget.com) means your reputation is partially tied to other senders on the platform. If they're sending spam, it can hurt your deliverability, even if you're following best practices.

July 2024 - Reddit
Marketer view

Email marketer from SendGrid answers that authenticating your sending domain by setting up SPF and DKIM records helps to improve deliverability by verifying that you are authorized to send emails on behalf of your domain. This builds trust with ISPs.

August 2021 - SendGrid

What the experts say
9Expert opinions

Using non-branded domains and shared SFMC hostnames can negatively impact email deliverability, particularly if those domains acquire a poor reputation, especially at Gmail. Sharing hostnames with SFMC/ExactTarget customers can also lead to deliverability issues due to shared reputation. Domain mismatch isn't a major problem, but controlling your hostnames provides a better experience. DMARC can pass with DKIM or SPF alignment; however, relying solely on DKIM with shared bounce domains is less ideal. While SPF alignment is beneficial, DKIM alignment is more crucial. Implementing SAP (Sender Authentication Package) with branded DKIM, SPF, and custom domains for images/clicks is recommended. Ensure an A record exists for the bounce subdomain. Utilizing a multi-bounce domain allows for SPF alignment for multiple domains. SFMC authentication can be complex, with shared hostnames potentially impacting deliverability.

Key opinions

  • Non-Branded Domains: Multiple non-branded domain touchpoints can negatively impact deliverability.
  • Shared Hostnames: Sharing hostnames with SFMC/ExactTarget customers can lead to deliverability issues due to shared reputation.
  • DMARC Alignment: DMARC can pass with DKIM or SPF alignment, but DKIM is more important.
  • SAP Implementation: Implementing SAP with branded DKIM, SPF, and custom domains is recommended.
  • A Record Importance: Ensuring an A record exists for the bounce subdomain is necessary.
  • Domain Control: Having control over hostnames provides a better experience.

Key considerations

  • Brand Alignment: Consider branding all touchpoints with your own domain to avoid reputation issues.
  • Authentication Strategy: Prioritize DKIM alignment while also implementing SPF for optimal deliverability.
  • SAP Adoption: Evaluate implementing SAP to gain more control over your sending reputation.
  • Domain Configuration: Ensure all necessary DNS records, including A records for bounce subdomains, are properly configured.
  • Multi-Domain Strategy: For multiple domains, consider using a multi-bounce domain for SPF alignment.
  • Shared Reputation Risks: Understand the risks associated with shared hostnames and monitor your reputation.
Expert view

Expert from Spamresource shares that using Multi-bounce domain allows you to get SPF alignment for both domains when sending

January 2022 - Spamresource
Expert view

Expert from Email Geeks clarifies that DMARC can pass based on DKIM alignment or SPF alignment. Even if using shared bounce domains, DMARC might still pass due to DKIM alignment, but it's less ideal.

January 2023 - Email Geeks
Expert view

Expert from Email Geeks says that SPF alignment is nice to have and worth doing if easily possible, but DKIM alignment is more important.

February 2024 - Email Geeks
Expert view

Expert from Email Geeks shares that the domain mismatch isn't a huge problem, but sharing reputation with other SFMC/ExactTarget customers through shared hostnames can lead to deliverability issues.

May 2021 - Email Geeks
Expert view

Expert from Word to the Wise answers that having control over your hostnames across your email configuration gives you a better experience, and the mismatch of domains in an email isn't a huge problem.

January 2023 - Word to the Wise
Expert view

Expert from Email Geeks recommends you implement SAP, that you should brand with DKIM and SPF, and that you should use fully custom image/click/etc domains.

October 2022 - Email Geeks
Expert view

Expert from Email Geeks confirms that there should be an A record for the bounce subdomain for every private domain utilized.

January 2022 - Email Geeks
Expert view

Expert from Email Geeks explains that using multiple non-branded domain touchpoints can negatively impact deliverability, especially if those shared domains get a poor reputation at Gmail.

April 2024 - Email Geeks
Expert view

Expert from Word to the Wise explains that SFMC authentication can be tricky, and using SFMC hostnames means sharing reputation with other SFMC customers.

July 2023 - Word to the Wise

What the documentation says
5Technical articles

To ensure email deliverability, authentication mechanisms like SPF, DKIM, and DMARC are crucial. SPF records specify authorized mail servers, preventing domain spoofing. DKIM uses digital signatures to verify email authenticity and integrity. DMARC builds upon SPF and DKIM, defining policies for handling unauthenticated emails. Salesforce's SAP (Sender Authentication Package) provides tools for email authentication, branding, and dedicated IPs. Employing a secure email gateway is also vital to protect against attacks and maintain a positive sending reputation. Following email best practices and avoiding unwanted email enhances deliverability.

Key findings

  • Authentication Mechanisms: SPF, DKIM, and DMARC are essential for verifying the legitimacy of email senders.
  • SPF Function: SPF records authorize mail servers to send email from a domain, preventing domain spoofing.
  • DKIM Function: DKIM uses digital signatures to authenticate emails and ensure their integrity.
  • DMARC Function: DMARC builds on SPF and DKIM, specifying policies for handling unauthenticated emails.
  • Salesforce SAP: SAP provides dedicated IPs and tools for email authentication and branding.
  • Secure Email Gateways: Secure email gateways are crucial for protecting against attacks and maintaining sender reputation.

Key considerations

  • SPF Record Setup: Properly configure SPF records to authorize your mail servers.
  • DKIM Signing: Implement DKIM signing for your outgoing emails to ensure authenticity.
  • DMARC Policy Enforcement: Define a DMARC policy to instruct recipient servers on how to handle unauthenticated emails.
  • SAP Implementation: If using Salesforce, consider implementing SAP for enhanced deliverability and branding.
  • Email Gateway Security: Invest in a secure email gateway to protect against threats and maintain a positive sender reputation.
  • Bulk Sender Guidelines: Follow email best practices and avoid sending unwanted email to improve deliverability.
Technical article

Documentation from RFC explains that SPF (Sender Policy Framework) records specify which mail servers are authorized to send email from your domain. Properly configured SPF records prevent spammers from forging your domain in the 'From' address.

June 2023 - RFC
Technical article

Documentation from Salesforce Help explains that SAP provides a collection of products that authenticate your email sends, improving deliverability and allowing you to brand your marketing efforts consistently. It includes dedicated IP addresses, branded sending domain, and account configuration.

September 2024 - Salesforce Help
Technical article

Documentation from Google explains that to ensure reliable delivery to Gmail, bulk senders should authenticate their email with SPF, DKIM, and DMARC. Additionally, they should avoid sending unwanted email and follow Gmail's best practices.

November 2023 - Google
Technical article

Documentation from Mimecast shares that a secure email gateway is important to protect your email server from attacks and spam. Implementing strong security measures helps you maintain a positive sending reputation and ensures your emails reach their intended recipients.

September 2024 - Mimecast
Technical article

Documentation from RFC explains that DKIM (DomainKeys Identified Mail) uses a digital signature to authenticate emails. When an email is DKIM signed, the recipient server can verify that the email was indeed sent from the authorized domain and that the content hasn't been altered during transit.

November 2022 - RFC

Related resources
2Resources

Mail Transfer Agent (MTA) Explained | Mailtrap Blog
Mail Transfer Agent (MTA) Explained | Mailtrap Blog

Mail or message transfer agent is a software that transfers emails between the computers of a sender and a recipient. Read more about MTAs in this blog post

Mailtrap
8 Ways to Check Your Email Sending Reputation | SendGrid
8 Ways to Check Your Email Sending Reputation | SendGrid

Use these email reputation checker tools, stats, and tips to improve email deliverability and improve your domain reputation.

SendGrid

Related questions