SECURITY GUIDE

Email Security: Protecting your Domain and Email Delivery

Your brand reputation is important, not the least when it comes to your email. If you have an untrusted email address then your emails can show up in spam folders or you could get blacklisted. Not to mention the new world of GDPR. Now you need to ensure that you are not only protecting yourself but also the contacts you are emailing.

Needless to say that it is getting more and more complicated to stay compliant and keep in good standing. But no worries, that is where we come in! This guide goes through all the ins and outs of email security and how the Clipsource platform makes it easy for you to stay in good standing when it comes to emails.

THE TECHNICAL STUFF

How Clipsource protects your email reputation

At Clipsource we handle all of the technical issues so you can focus on sending great emails and knowing that they will actually get delivered to all of your contacts. Here are the measures that are covered when you work with Clipsource.

We use an SPF record to ensure you are sending safe emails.

An SPF (Sender Policy Framework) record is a standard that helps protect inboxes from spam and enables a domain to say which servers may send emails on its behalf.

When you integrate to Clipsource, we ensure that we are added as an approved sender by using an SPF record. This way when a receiving server gets an incoming email from Clipsource, it can see that the messages are coming from a server that is on your list. If we weren’t on your list then a server could consider it fake and then block it.

Why is SPF important?

Technically you are not required to have an SPF. However, having an SPF policy gives you an extra trust signal to ISPs (Internet Service Providers) so that it is more likely that your emails reach your recipient’s inbox. This also makes it harder for imposters to try and impersonate your email address.

We use DKIM to help your deliverability.

DKIM is a security standard that makes sure that messages aren’t altered between the servers that they come from and are delivered to. So basically how it works is once the email leaves the sending server (e.g. Clipsource), it uses public-key cryptography to sign the email with a private key. Then the recipients’ server (e.g. journalist) uses a public key that is published to the domain’s DNS to verify the source of the message and checks that the body of the message hasn’t changed since our sent it. Once the signature is verified with the public key by the recipient server, the message passes DKIM and is considered authentic.

Why is DKIM important?

Although DKIM is not required, having it makes your emails appear to be more trustworthy and reduce the likeliness of them going into SPAM or Junk folders.

In addition to improving email delivery, ISPs use DKIM to build a reputation for your domain. The more quality emails that you send over time (low spam and bounces, high engagement), the better your sending reputation will be with ISPs, which improves deliverability. In other words, this helps you avoid being blacklisted.

We use DMARC to prevent spammers.

DMARC (Domain-based Message Authentication, Reporting & Conformance) is a security standard that builds on top of DKIM to prevent spammers from using your domain to send emails without your permission. Basically, spammers can forge the “From” address on messages so the spam appears to come from one of your email addresses.

Why is DMARC important?

DMARC allows you to monitor emails that are sent using your domain to ensure they are properly authenticated using SPF and DKIM. For example, with DMARC in place, you have the ability to block spoofed messages that might damage your brand’s reputation and protect your organisation from scams that could compromise your security.

We validate your email list upon import to avoid any hard bounces.

You have probably heard about the importance of keeping your email list up to date, especially when sending to mass email lists. The reason for this is that if a large number of your emails bounce, it can hurt your reputation and you can be marked as a spammer. If this happens then even the emails that go to recipients who usually open your mail and engage with you will be placed in the junk folder.

In order to make sure that doesn't happen, we validate your current email addresses when they are first imported into the system. By doing this we can tell you which emails are active, which are invalid to avoid sender problems from occurring.

We validate regularly to keep your domain safe.

In addition to checking your emails when they are first transferred into the system, we keep track of your contacts engagement and subscription status regularly to make sure your sender reputation remains healthy.

This means that if someone on your email list suddenly becomes invalid, we will mark that so you are notified and cannot continue to send to them. We also notify you of soft bounces or if there is an error that is causing your emails not to be delivered. As well as inform you as to why bounces happen so that you can take action. Keeping your emails in good health is our priority.

THE LEGAL STUFF

GDPR Complicance

In addition to the technical requirements of having a good sender reputation, you also need to comply legally. In order to help you do this, we have separate data processing agreements (DPAs) with all customers to be able to process data, and in this case that includes the information required to send emails.

We offer tools to make sure you comply with GDPR.

We help you stay compliant with GDPR by keeping it simple when it comes to managing your database and list of subscribed and unsubscribed users.

Your recipients can manage their own data

The recipients who receive your emails can:

  • On invitation, choose whether they want to register an account and thereby approve that data is saved. Alternatively, they can choose not to register an account, but still consent that we save their data in order for them to receive emails.

  • Choose to unsubscribe from the emails they no longer want to receive.

  • Choose which emails they want to receive (type and topics).

  • Login and see what data we have saved regarding them as users.

  • Choose to download saved data.

  • Choose to delete all saved data = closing their accounts.

You can manage your recipient’s data

You (our customer) can:

  • Clearly see who has opted in and approved to have their data saved either by registering an account, or giving consent for their data to be saved in order to receive emails.

  • See which emails result in soft or hard bounces, and, in the case where it is possible, see why a bounce occurs.

  • See when a user was added to the system so that they can delete the data for the users who do not choose to act at all within a reasonable time.

Previous

Clipsource & MEDIAGENIX Integration Guide
Next

Media Center Feature Overview