Authentication and Deliverability?

DavidJ · 20 Feb 2019, 09:19 PM

Can anyone point me to real research or other evidence, not just claims and pronouncements, on the effect of SPF, DKIM, DMARC, etc. on deliverability?

Thanks.
D.

janusz · 20 Feb 2019, 10:06 PM

Try this: https://nvlpubs.nist.gov/nistpubs/Te...ST.TN.1945.pdf

TenFour · 21 Feb 2019, 09:01 PM

Not sure if any study could really give accurate numbers on deliverability with or without SPF, DKIM, or DMARC because how would you test? For example, if your organization sends lots of email to organizations with full DMARC you probably need it, but if you instead just send to random consumers, even millions of them, you probably couldn't detect much difference because you can guarantee that a high percentage of those emails will be going to Gmail and other massive providers. Gmail does probably include DMARC in its spam scoring, but obviously looks at lots of other things. For example, I find that both Gmail and Outlook put lots of legitimate emails into my spam folder, while other emails from the same sources do not go into spam. That indicates to me that Gmail is parsing the actual words used in the message. In other words, you could have SPF, DKIM, and DMARC all set up perfectly and your message still might not get delivered because of something you write in the email. I used to work for a large email service provider and we found that was exactly the case. Sometimes an email would not get delivered, and in some cases it was very hard to determine why when everything was configured correctly. Remember too, you are at the mercy of the receiver's set up, which you rarely have much chance of controlling.

20 Feb 2019, 09:19 PM	#1
DavidJ Senior Member Join Date: Dec 2002 Posts: 178	Authentication and Deliverability? Can anyone point me to real research or other evidence, not just claims and pronouncements, on the effect of SPF, DKIM, DMARC, etc. on deliverability? Thanks. D.

20 Feb 2019, 10:06 PM	#2
janusz The "e" in e-mail Join Date: Feb 2006 Location: EU Posts: 4,943	Try this: https://nvlpubs.nist.gov/nistpubs/Te...ST.TN.1945.pdf

21 Feb 2019, 09:01 PM	#3
TenFour Master of the @ Join Date: Feb 2017 Location: USA Posts: 1,722	Not sure if any study could really give accurate numbers on deliverability with or without SPF, DKIM, or DMARC because how would you test? For example, if your organization sends lots of email to organizations with full DMARC you probably need it, but if you instead just send to random consumers, even millions of them, you probably couldn't detect much difference because you can guarantee that a high percentage of those emails will be going to Gmail and other massive providers. Gmail does probably include DMARC in its spam scoring, but obviously looks at lots of other things. For example, I find that both Gmail and Outlook put lots of legitimate emails into my spam folder, while other emails from the same sources do not go into spam. That indicates to me that Gmail is parsing the actual words used in the message. In other words, you could have SPF, DKIM, and DMARC all set up perfectly and your message still might not get delivered because of something you write in the email. I used to work for a large email service provider and we found that was exactly the case. Sometimes an email would not get delivered, and in some cases it was very hard to determine why when everything was configured correctly. Remember too, you are at the mercy of the receiver's set up, which you rarely have much chance of controlling.