Authentication and Deliverability Q&A with Tara Natanson

Tell us a little about who you are and what you do at Constant Contact: 

I’m Tara Natanson, and I’m the Manager of ISP (Internet Service Provider) Relations at Constant Contact. My primary focus is on deliverability– making sure our customers have the tools they need to get their email into inboxes! I’ve been in the industry for more than 23 years, and I’ve seen a lot of changes and developments over the years. 

I collaborate with other email and internet service providers to reduce network abuse and refine email best practices, which as you can imagine, are continuously evolving. If there’s one thing I’m really dedicated to, it’s making sure the email industry continues to hold a place for small businesses to succeed.

We heard a lot about changes that Google and Yahoo! were making at the beginning of the year. Can you explain those changes?

So last October, Google and Yahoo announced requirements they wanted to see across emails sent to their systems. Because these are pretty big email providers that a lot of people use, you can imagine this turned the email sending industry on its head for a little bit!  As an industry, we were all scrambling to see what needed to be done before February 1, which was the deadline they gave for meeting those new requirements. 

As it turns out, Yahoo and Google weren’t asking for anything new or earth-shattering, they just wanted to see all senders using the authentication and unsubscribe practices that have been considered best practices for many years already.  What this really meant was that they could more easily filter out the bad mail from the good to improve the end user experience. So we wanted to make sure our customers appear as good senders.

Constant Contact already had some offerings in place to help customers with authentication, right?

One of the things we’ve always been really focused on at Constant Contact is the importance of sender domain reputation – meaning how trustworthy our customer’s domains seem when they’re sending out emails. So because of that, we’ve offered domain authentication (self-authentication) basically since its inception in the early 2010s. 

We also recognized that a lot of small businesses aren’t able to easily make changes at the domain level, either because they don’t control their domain, or because they don’t have access to the right records. It can be pretty technical for people who don’t live in this world all the time. So we helped close that gap by offering our customers the ability to set up a subdomain of Constant Contact’s authentication domain so they could build their own domain reputation even without control over the technical side.

When the changes from Google and Yahoo came, how did that change what Constant Contact was already doing?

Years ago, Constant Contact gave all of our customers the ability to create a subdomain of our own ccsend.com domain so that we could DKIM sign their mail (DomainKeys Identified Mail is a way of authenticating email that helps verify the message was sent from an authorized source). We knew that domain reputation would be heavily based on the DKIM signature and that it might be difficult for customers to set up on their own domain. 

These new authentication requirements mean that the domain in the DKIM signature must match the domain found in the “From:” address. Luckily, our historical focus on domain reputation and deliverability really set us up for success here.  When Google and Yahoo! announced their most recent changes, we were able to dust off that existing subdomain infrastructure, and let our customers set up addresses at their customized subdomain. We then set this as the “From:” address on their mail to meet the requirement that the “From” address match the DKIM signature domain. This means that even our customers who don’t have mail set up at their website domain are able to have their mail authenticated in compliance with the new requirements.  

So what do Constant Contact customers need to do from here?

As soon as you log into your Constant Contact account, you’ll see a window explaining your options and choices, provided you haven’t already gone through these steps. It’s impossible to miss! And from there, there are three ways we’ve created to help you meet the requirements – we even talked to Google and Yahoo! about these options and got their thumbs-up, so we feel great about being able to offer them.

Option 1: You can send from your own domain and self-authenticate. To learn more about how to do that, we have an entire walkthrough on our Knowledge Base here. Sending from your own authenticated domain helps with brand recognition and is the recommended best practice.

Option 2: you can select a subdomain from Constant Contact to send from, like yourbusiness.ccsend.com. You would then create a sending address within your account such as “hello@yourbusiness.ccsend.com” When you send your campaign, Constant Contact takes care of all of the authentication work for you and you are able to benefit from having a unique authentication domain.  This method is recommended if you don’t have a domain you can send mail from or you do, but you’re unable to complete the authentication steps outlined in Option 1.

Option 3: While those first two options are the best routes to take, we know it might be hard for customers to know which option to choose, or they may not know how to take action. So we created a fallback option in which we rewrite your   “From:” address so that the email is still coming from an authenticated domain. (So for instance, john@gmail.com would become john-gmail.com@shared1.ccsend.com). This is a last resort method.  Your mail will be signed and will meet the authentication requirements, but you will be sharing domain reputation with other senders who fall into this bucket, rather than building your own domain reputation.  

What feedback are you hearing from customers about this?

It really doesn’t hit home until you see it in action, and until customers talk to you about it. A few months ago, I received an email from an IT professional at a university who’s been trying to get all the individual senders across the campus to properly authenticate their email. With so many different departments using different software to send mail, this is a daunting task. As a technology professional, she was able to look at their DMARC (Domain-based Message Authentication, Reporting, and Conformance) reports and immediately understand that the time and effort we put into this was making a positive difference. She specifically reached out to tell me she had noticed and appreciated it, which is just such a great feeling.

You’ve made the authentication steps sound really easy! But if customers have questions, what should they do?

We’ve got a number of resources around authentication and deliverability if our customers still have questions! 

• Visit the deliverability hub on the Constant Contact Community. 
• Check out our KnowledgeBase article about the authentication process. 
• If you still have questions, please contact a Constant Contact deliverability specialist to help you...