Email Verification & Domain-Matching Email Requirements

Google and Yahoo released an update in February 2024 that requires action in order to ensure your emails continue to work as you expect them to. These two major players in the email space are now requiring that all emails that come into their system come from a verified domain, otherwise they will reject them.


So the question is, how do you verify your domain?


As a Curaytor client, our engineering team is working tirelessly behind the scenes to ensure this has no impact on you. But it may require some action on your part as well. We’ve outlined 4 potential scenarios below. Find the one that describes you to see what you need to do:

  1. I have a domain matching email.
  2. I send email from an owned domain that doesn't match my Curaytor website.
  3. I use a brokerage email.
  4. I use a free email account. 

1. I have a domain matching email. 

Your Curaytor website domain matches the domain that you send email from. For example, curaytorrealesate.com is your website and you send email from jimmy@curaytorrealestate.com. In this scenario, our engineering team has done most of they heavy lifting for you. We went through your MX records and created all of the necessary setup for any email service that we found. 

 

You can find your MX records by searching your domain here: https://www.nslookup.io/domains/curaytor.com/dns-records/mx/

If there are other email services that you use, you need to find the SPF record for that service and provide it to us or set up it up in your DNS records yourself.

2. I send email from an owned domain that doesn't match my Curaytor website.

Your Curaytor website domain does not match the domain on your primary email, but both domains are owned by you. For example, curaytorrealesate.com is your website and you send email from jimmy@attractrealtor.com. 

 

In this scenario, you need to provide us with a domain-matching email to use with your Blast account. Sending Blast emails from an account that is not domain-matching will fail email authentication. However, the Blast Reply To field will still accept non-domain-matching emails, so your replies can be managed from your primary email.

 

If you want to continue to use your current email address, you can use it on other platforms. But you will have to do the DKIN/DMARC/SPF verification process on your own.

3. I use a brokerage email.

Your primary email is from a brokerage account (for example, jimmy@compass.com).

In this scenario, you need to provide us with a domain-matching email to use with your Blast account. Sending Blast emails from an account that is not domain-matching will fail email authentication.

If you want to continue to use your brokerage email address, you need to work with the brokerage to complete the necessary DKIN/DMARC/SPF verification process.

4. I use a free email account as a primary email.  

Your primary email address is @gmail.com, @yahoo.com, @hotmail,com, etc. 

Free email accounts were never intended for business use and are being specifically targeted in this change. You are unable to verify these accounts, so they should not be used moving forward.

In this scenario, you need to provide us with a domain-matching email to use with your Blast account. We recommend that you adopt this new address across all of your email activity. And you can work with us to ensure you have the appropriate DNS records setup for all of the places that you send email from.

Other Important Things to Note

Lofty Users
In many case, Lofty listing alerts come from a generic email address (like @chime.house). In some cases, agents purchase a custom domain to use for their emails that closely resembles the website domain (for example, the .net version). In either case, authentication will have to be done by Lofty, so please reach out to them to ensure those domains are all set and there is no disruption in your listing alerts.


Follow Up Boss Users
If your primary CRM is FUB, we need you to retrieve the SPF records for us. FUB uses client-specific SPFs that are only accessible by logging into your account. Follow step #2 in this article:

https://help.followupboss.com/hc/en-us/articles/19983604643735-Authenticate-your-Custom-Domain-to-Improve-Email-Deliverability


Other Email Senders
Not every email provider requires MX records to go into your DNS settings. For example - if you use Typeform to send out questions or surveys, you can set your “send from” email without ever changing your DNS settings.

By verifying your domain, you are now required to identify every platform that is “ok” to send email on your behalf. And we do that by providing SPF records for each platform.

Common providers that don’t require MX records but will require SPF include, survey companies (like Typeform), Mailchimp, Zendesk, Hubspot.

If you use any services that send emails, we need to know about them. If the service is in your MX records, we have preemptively taken care of it for you. You can check that by searching for your domain here: https://www.nslookup.io/domains/curaytor.com/dns-records/mx/

But if there are others - especially ones where you had to specify the “sent from” email, please alert your CSM so we can adjust your settings.


Spam Rates 
The platforms have specified that your spam rate needs to be <0.3%. It is unclear what happens if you exceed that threshold - it could be a decrease in deliverability, it could have more serious consequences like black listing or blocking your domain.

The two important things here are :

  1. Setup verification so that spammers don't spoof your email and send your spam rates through the roof, and
  2. Make sure you are sending high quality emails to a quality list. You want to avoid people marking your emails as spam, as much as you can. One of the best steps to take here is to avoid purchased lists.


Email Volume
This change is especially urgent for people that send more than 5000 in 1 day. Those large senders are who the platforms are targeting first.

However, we expect this to become the new normal for all email senders, so we recommend taking action now.

This is a very technical update - what we outlined above is the critical “need to know” information that informs your actions. If you want to dive deeper to understand more about the process, we have outlined that below. If not, you are good to wrap up here. 

As always, we’re here to help - so reach out if you have any questions.


In Depth Details

Effective February 1, 2024, email senders are required to verify their business email domain in order to ensure continued deliverability.

What does that mean?

Google and Yahoo are trying to cut down on the amount of spam email being sent. It’s a bad experience for end users. It’s expensive for Google and Yahoo to pay for the hardware to store all of those spam messages. So they want to crack down on it.

The way they are doing that is to require that all business senders establish special settings that authenticate emails that are actually sent by the business. Those are known as DMARC, DKIM and SPF records.

  • DKIM is a unique identifier for your domain. It’s like a social security number for your email. 
  • SPF records are ways to identify who can send emails on your behalf. You use SPF records to say that email providers like Curaytor, Gmail, Mailchimp, and/or ConvertKit can send emails from your domain. 
  • DMARC is a way to tell the email platforms what to do if spam records are discovered. You can set rules like Allow, Quarantine, or Reject.

Your DKIM is a private key that comes from your primary email host. SPF records are publicly available and come from each place that is sending email on your behalf.

When an email hits Gmail or Yahoo, they look at the SPF of the account that is sending the email and the DKIM of the domain they say they are sending from. They check to make sure that the SPF has been granted permission by the domain owner (by checking the authorized SPFs). If the SPF is valid, the email is eligible for delivery. If the SPF is not valid, the DMARC rule is followed.

If the spam rate is >0.3%, you risk having poor deliverability and/or a permanent block of your domain.

DMARC reports are sent daily to keep you informed about how the platforms are receiving your emails. The problem is they are messy XML that look like this:

DMARC_Example

There are managed services that you can subscribe to that helps you manage your DMARC records and will ingest and process these reports for you. Tools like easydmarc.com give you a graphical way to visualize what the DMARC reports tell you.