MessageFlowPricingBlogAPI docs

Senders Authorization

Imagine your emails always landing straight in your customers' inboxes, building trust and a professional image for your brand. The key to achieving this is sender authorization. This process confirms that you have the right to send emails from a specific domain (e.g., yourcompany.com).

Proper authorization is essential to prevent your emails from being treated as spam. It also protects your domain from unauthorised use by fraudsters attempting to impersonate your company (a practice known as phishing). At MessageFlow, we strive to make this process as straightforward as possible for you.

Remember, sender authorization applies to all emails you send through MessageFlow, whether you're sending campaigns from our panel or transmitting messages via API.

Take a moment to set it up correctly – it's an investment that will pay dividends in the future.

Authorization mechanisms used in MessageFlow

To ensure the highest level of security and deliverability for your emails, MessageFlow supports and recommends using standard authorization mechanisms:

  • SPF (Sender Policy Framework): This is a DNS record that precisely specifies which servers (IP addresses) are authorised to send emails on behalf of your domain. It allows the recipient's mail server to verify if an email it has received actually originated from a trusted and authorised source.

  • DKIM (DomainKeys Identified Mail): This method involves digitally "signing" the emails you send. This signature, unique to each message, is verified by the recipient's server using a public key that you publish in your domain's DNS records. DKIM ensures that the message content has not been altered during transit and confirms that the message originated from your domain.

  • DMARC (Domain-based Message Authentication, Reporting, and Conformance): This mechanism builds upon the results of SPF and DKIM verification. DMARC is a policy you publish in a special DNS record. It informs recipients' mail servers what to do with messages that claim to be from your domain but fail SPF and/or DKIM checks (e.g., reject them, move them to the spam folder, or deliver them unchanged – depending on the policy you define). Furthermore, DMARC enables you to receive detailed reports on attempts to impersonate your domain (phishing, spoofing) and on the verification status of your legitimate emails.

In MessageFlow, the process of generating the appropriate values for the records needed for DKIM and DMARC configuration is automated to make their implementation as easy as possible for you.

PreviousIntegration with IdoSellNextHow to Authorize Senders in MessageFlow?

Last updated