MailChimp customers: You can now setup your DNS to include our MailChimp servers in your SPF record (so that your campaigns will be SenderID authenticated).
We sent out the news recently in a System Alert, but just in case you didn’t get it, here are the details…
If you have access to and can modify your DNS, add this bit of code to your SPF text record to enable SenderID Authentication for all your MailChimp campaigns:
For example, your SPF record might look something like this:
v=spf1 mx ptr include:servers.mcsv.net ~all
If you have absolutely no idea what any of this means, print this out and give it to your IT group (wrap it in a candy bar to expedite it). Tell them your email campaigns will have a little better deliverability if they do this for you.
After we sent our email about this, we got a ton of questions from our customers. So here’s a little information that might help:
- Yes, authentication can be confusing as hell. For more information on SenderID authentication, visit this Microsoft website
- Why this is important: ISPs (like AOL, Hotmail, MSN, Bellsouth, Yahoo, etc.) are starting to check incoming emails for authentication. If your email is not authenticated, it looks slightly suspicious to them, and they run it through their spam filters extra, super-duper hard. If your emails are authenticated, they run them through their spam filters slightly less extra super-duper hard. Some ISPs are marking emails that are authenticated with special badges, indicating they’re slightly more ‘trustworthy.’
- SenderID is only one type of authentication (but it’s getting very, very popular, and is pretty easy to implement, compared to DKIM authentication).
- How SenderID authentication works: Basically, when you send an email using MailChimp, but your reply-to address is "yourcompany.com" it kind of looks suspicious to ISPs. So a receiving ISP would ask, "Why does it say it’s from "yourcompany.com" when I can tell it came from MailChimp’s servers (mcsv1.net, mcsv2.net, mcsv3.net…etc)" But so long as your email isn’t very spammy, it’s usually okay, and you have nothing to worry about. They’ll just let it slide. But ISPs are increasingly checking for SenderID authentication now. So when you send your email campaign and put "yourcompany.com" in the reply-to, a receiving ISP will go to "yourcompany.com" and ask if MailChimp is an impostor, or if we’re truly authorized to send emails on your behalf. Adding that line of code tells ISPs, "Yeah, MailChimp’s cool. You can trust him."
- The ISP where you host your website and manage your DNS might not let you modify your DNS records (it’s a pretty advanced feature, not offered in common small business hosting packages). Some will let you modify your mx-records, but not SPF. You need to be able to edit your SPF record.
- If you can’t modify your SPF record, all is not lost. We will be offering an alternative for you later (details in the System Alert we sent to all customers)
- This is not the same as SPF authentication. SPF authentication is different from SenderID authentication, even though to make SenderID work, you have to edit your SPF record. Don’t ask. For a really technical explanation, go here.
- After you’ve set up your SPF record on your DNS, you can test the authentication. The best way to do that is to go here and follow option #3.
- Use MailChimp to send an email to: firstname.lastname@example.org and you will get a bounce back. The bounce back will tell you if the message passed SenderID authentication. If you send from MailChimp, the bounce will probably be sent to our domain. If you wish to receive the results at a different address, follow step #3 here.
- Some people have asked us, "What if my ISP doesn’t allow me to edit my DNS’ SPF records?" Well, we could tell you to switch ISPs, or to use a separate DNS hosting service, but that’s a huge pain, and we’re not convinced it’s totally worth it right now. We haven’t seen lack of authentication really hurt anyone’s campaigns. But having authentication can sometimes help a little (here’s one case we’ve seen just recently). So if you can’t really edit your DNS, don’t worry too much about this. We’ll be offering alternatives for you soon.