DEV Community: Valeria

DMARC Explained

Valeria — Fri, 25 Nov 2022 13:18:57 +0000

Back in 2012, engineers from Microsoft, PayPal, Yahoo!, and Google met to discuss making authenticating emails even more bulletproof. At the end of the day, they released DMARC to the world.

What is DMARC?

Domain-based Message Authentication Reporting and Conformance not only has the most complicated name of all three methods but is also the most effective. And it’s quite easy to understand why.

DMARC leverages DKIM and/or SPF to perform a more advanced check on each email received.

With DMARC, a domain owner can specify its own authentication procedure (known as a DMARC policy). Using it, they instruct an incoming server on what to do if an email fails to pass the DMARC test. Finally, the policy can also provide reports with the details of each check to improve processes and provide immediate warning if anyone spoofs the account.

How DMARC works

DMARC requires either SPF or DKIM records – or better, both of them – to be set.

When an email is received, a receiving server does a DNS lookup and checks if there’s an existing DMARC record.

DKIM/SPF is performed as usual. A receiving server then performs a so-called “alignment test”. It verifies if:

In the case of SPF, the “envelope from” email address matches the “return-path” address. In other words, it checks if the email address the message was sent from is the same as the address a potential reply would go to.
In the case of DKIM, the value behind the ‘d’ tag (sender’s domain) matches the domain an email was sent from.

Of course, if both authentications are set up, both alignment tests are also performed. The alignment requirements can be ‘strict’ (the domains need to precisely match) or ‘relaxed’ (base domains need to match, but different subdomains are allowed).

DMARC will succeed in the following scenarios:

If only one of the authentications is set up, its check must be successful along with a respective alignment test.
If both methods are set up, one of them needs to be successful with the respective alignment test but both are not required.

Notice how DMARC will still succeed even if, e.g. DKIM along with DKIM alignment fails, but SPF and its alignment succeeds (or the other way around).

Now, let’s assume an email failed a DMARC check for whatever reason.

DMARC lets you instruct the incoming server on what should happen to an email that failed a check. Three options are available (they’re referred to as “policies”):

‘None’ – it means that an email should be treated the same as if no DMARC was set up (a message can still be delivered, put in spam, or discarded based on the other factors). This is typically used to watch the environment and analyze the reports without influencing the deliverability.
‘Quarantine’ – allow an email but don’t deliver it to an inbox. Usually, such messages go to the spam folder.
‘Reject’ – discard the messages that failed the check right away.

These instructions can also be customized. For example, with a ‘quarantine’ policy, you could tell the server to send only 10% of emails with a failed check to a spam folder and ignore (‘none’) the other 90%. Note that just because you instruct the server on what to do, it doesn’t mean that it will follow your advice. But it still puts you in much more control than in the case of DKIM and SPF authentications.

Finally, a receiving server will send reports for each failed DMARC verification and with aggregated data about unsuccessful checks. It’s invaluable for analyzing the performance of your message to keep you in the loop if any phishing attempts occur.

What does a DMARC record look like?

Let’s now break down an example record. Instead of relying on dummy data, we’ll use the record of Square, a unicorn provider of financial services for small businesses. Many cybercriminals probably dream of spoofing their emails, so it’s no surprise they chose to protect themselves with DMARC.

v=DMARC1; p=reject; rua=mailto:dmarc-rua@square.com,mailto:dmarc_agg@vali.email,mailto:postmasters@squareup.com; ruf=mailto:dmarc-ruf@squareup.com

You can access this record under this link. This site will also show you DMARC records for any other domain, given, of course, that it has been configured. Let’s go through each tag mentioned above, one by one.

v=DMARC1

This is the identifier (a DMARC version) that should always be included in the DNS record. The receiving server always looks for it. If v=DMARC1 is missing or is modified in any way, the whole verification will be skipped.

p=reject

The policy Square chose to use is to reject all emails that fail the DMARC check. Of course, they might still be delivered, but a strong signal will be sent to the receiving server not to allow such messages.

rua=mailto:dmarc-rua@square.com,mailto:dmarc_agg@vali.email,mailto:postmasters@squareup.com

These three addresses will be receiving daily, aggregate reports about the emails that failed the verification. This will be high-level data about the reasons for failures, without giving any details of each. Each address added here needs to be proceeded with “mailto:” as in the example.

ruf=mailto:dmarc-ruf@squareup.com

This, on the other hand, is an email address where individual forensics reports will be sent in real-time, including the details of each failure.

As is usually the case, there’s also a number of optional fields that can be added to the record to customize it a bit.

Some optional DMARC tags for customization

To see other customizable tags, head to the original Mailtrap article which explains how DMARC works.

How to implement DMARC records

The whole process comes down to the following steps:

Validating if SPF/DKIM are set up and domains aligned.
Generating a DMARC record and specifying its settings.
Adding it to your domain’s DNS.

Verify if DKIM and/or SPF are set up properly

As mentioned earlier, having either of them is compulsory for DMARC to work. But having one that returns negative results for legitimate emails will also do no good. The DMARC test will fail automatically if SPF or DKIM fails.

If you have only SPF set up, check if the following two match:

‘Envelope from’ address – the address emails are sent from.
‘Return-path’ address – the address emails will be directed to if a recipient responds to an email.

If you rely only on DKIM, check if the following two match:

‘Envelope from’ address – the address emails are sent from.
‘d’ tag of your DKIM record.

If you use both methods (and rightly so!), perform both checks, of course.

Choose an email account for receiving DKIM records

A great thing about DMARC is that, when set up, your server starts sending you daily reports of how your emails performed (separate aggregate and forensic reports). This way, you can quickly spot any abnormalities and improve your performance using data.

Keep in mind that reports are sent in a raw, hard to read format. You may want to use tools like Dmarcian or MXToolbox to get the most out of data.

Generate DMARC record

And now, let’s finally generate a DMARC record. Dmarc.org recommends a number of resources for this task. There are several tags mentioned above you need to use in a record and a number of optional ones. Note that the ‘p’ tag (as in ‘policy’) will directly represent the previous step.

Add DMARC record to your domain’s DNS

Once you have your record, you can go ahead and add it as a DNS Record. You may be able to do it on your own or, in some cases, the help of your hosting provider may be needed.

In the domain registrar, you need to add the newly-created DMARC as a TXT record. We won’t go through any details here as the process differs for each provider. If you did everything correctly, you should receive your first reports within the next 24 hours.

Three major DMARC myths busted

DMARC is set for security reasons only

Partially true. DMARC indeed aims at preventing spoofing and phishing attacks. However, there is more to DMARC than that. DMARC enforcement policies and advanced reporting capabilities significantly improve legitimate mail delivery. They help build and increase brand trust and analytics. Thus, DMARC is quite a boost to any marketing campaign.

DMARC is just for domains that send mail

Not true. The fact that your domain doesn’t send emails does not mean that it cannot be impersonated. In fact, the more famous your brand, company, organization, or personality is, the higher the attraction malagents have to spoof it. The receivers of malicious emails from “your” brand will mostly not be able to identify that your domain is not configured for sending mail. As a result, you’ll have to face many unpleasant consequences concerning your reputation and credibility.

Setting DMARC policy to “none” is enough for email security

Wrong. Setting DMARC policy to ‘none’ is usually the first step to make sure that DMARC reporting and delivery is set right, but it doesn’t improve your security nor help protect your domain from being impersonated. Eventually, to make the best of DMARC security and marketing enhancement, you will need to arrive at a policy of (at least) quarantine or (best of all) reject at a pct=100.

Moreover, should you decide to move with the times and adopt BIMI as the latest brand authentication strategy, your DMARC record should be set to “reject” policy to be qualified for BIMI certification.

Why you should use DMARC?

We said it many times, but it’s worth repeating it again – DMARC is the most effective way to protect yourself from spoofing. Period. This alone should be a good enough reason to add the implementation of DMARC to your next sprint.

HMRC estimates that the number of phishing emails sent from their domain decreased by 500 million in just 1.5 years after the implementation of DMARC.

There are two major DMARC benefits to consider:

Cybercriminals are much more likely to give up on trying to spoof a domain if they see (properly configured) DMARC records in the domain’s DNS. The implementation of DMARC is not widespread yet so it won’t be hard to find something more worthwhile of their time.
Receiving servers also know that emails coming from DMARC-secured domains are much more likely to be legit than those secured with just one of the other authentication methods (not to mention those without any security).

Final thoughts

Email security should never be underestimated. The bigger you are, the more you have to lose if someone spoofs your accounts and tricks your customers into something you probably wouldn’t approve of. Given how easy it is to add each method and how much you gain by having them all properly set up, there’s little reason not to give them a try.

What’s absolutely cool about DMARC is that you can start with a ‘none’ policy and observe what happens. This basically means that your emails will be going through the relevant checks on the receiving side, but if they fail, it won’t influence your deliverability. On top of that, you’ll receive tons of data via the DMARC reports so you can quickly identify if someone is trying to spoof your domain or if a problem lies on your side. Use this data to improve your processes, and you’ll see the results in no time.

How Shared and Dedicated IP Influence Email Deliverability

Valeria — Mon, 21 Nov 2022 16:09:01 +0000

There are a multitude of factors that affect email deliverability. The content you send plays its part. The quality of a mailing list is important. Steering clear from spam traps and blacklists can never be underestimated.

One more thing that’s even more important than all of these combined is an impeccable reputation of the IP address you use for sending emails. Together with the quality of your domain, they form Email Sender Reputation – a key factor that’s used to determine whether an email should be allowed into an inbox, end up in a spam folder, or be discarded without a trace.

When it comes to your sending IP, you have two options – a shared or a dedicated IP address. Which one you should choose will depend on a lot of factors. Let’s explore the pros and cons of each approach.

Shared and dedicated IP – what are they?

Each email sent on the internet originates from an IP address (publicly represented by a domain). Each email sending provider (ESP) gives a set of IPs to its users and, using these addresses, distributes emails on their behalf.

Shared IP is a single email address that’s used by more than one sender. Frequently, there could be hundreds or thousands of senders using the very same address, especially on free email services such as Gmail. The performance and habits of each sender affect the performance of others in the same pool.

Dedicated IP is an address that can only be used by a single sender (domain). The entire history of such an address is built, usually from the ground up, by a company using such a service. ESPs offer a dedicated IP as an additional purchase or a plan.

Benefits of using a dedicated IP

Not sharing your IP with a bunch of anonymous senders sure sounds like a good idea. And rightly so – there are certain benefits of having a dedicated IP:

You’re responsible for your own fate. You’re building your own sending history from the ground up. If you’re doing it well, your delivery rates will likely reflect it.
You can more easily isolate any issues. When sending from a shared IP, it’s close to impossible to investigate any deliverability issues because of the sheer number of factors. When sending from a private IP, you can pinpoint specific issues and, if possible, address them quickly.
You can get whitelisted. As a sole sender from a specific IP, you can request for your address to be whitelisted with some ISPs, such as Yahoo!, AOL or MSN and services such as SenderScore or Goodmail. Being whitelisted gives a boost to your deliverability and can help with particular providers. These services typically don’t admit shared IPs.

Benefits of using a shared IP

Sharing IP with other email senders also has its benefits:

It’s more cost-effective. Without exception, sharing IP with other senders is cheaper than having a dedicated service. It can even be free with a low volume and select providers.
You can still enjoy a good reputation. If you choose a reputable ESP, it’s not like you’re going to sit on the same IP with hundreds of spammers and phishers and suffer because of them. ESPs do their fair share of the work to ensure that at least a decent quality of emails is sent from their IPs. They monitor hard bounces or complain rates and actively filter out those not meeting their standards
You benefit from the reputations of others. If you’re just getting started, send a low or inconsistent volume, you would have deliverability issues. But, because you’re sharing IP with more experienced senders, your cumulative volume looks far less suspicious from the outside. As a result, even if you’ve never sent emails with an ESP of your choice, you’ll probably enjoy very decent delivery rates.

Shared vs. dedicated IP – which one should you choose?

You can probably already see that both solutions are targeted at slightly different groups of senders. Let’s reiterate anyway who should consider either of these approaches.

When to go with a dedicated IP

When you send a high volume (100,000+/month) on a regular basis. Sending such volume regularly will let you quickly establish a good reputation. You won’t have to look back at others and you won’t be clueless about what went wrong if numbers suddenly drop.
When you send a lot of corporate emails and need to get whitelisted. Many corporations require a sending IP to be whitelisted before a large volume of emails can be received from them. If this is the case for you, you don’t have much of a choice.
When you can afford the costs. A dedicated IP is far more expensive than a shared one. Often, you need to pay for setup along with a regular subscription. Prices vary.
When your shared IP is blacklisted and you can’t change the address. Sometimes, especially on free services, an entire IP can easily get blacklisted when a single email hits a spam trap. If you find your IP address on several blacklists, you may consider a move to a dedicated address. Just make sure the volume is there.
When you’re sure you’ve got a quality list. When sending from a dedicated IP, you’re much more vulnerable to spam reports, unsubscribes or low engagement. If you’re planning a move, clean your list first and make sure you only stick with the active subscribers.

When to go with a shared IP

When you don’t have a sufficient volume. If you’re not hitting at least 50-100k every month, you would be unable to build a good sender reputation. As a result, your emails would have a below-par performance, without much hope for improvement.
When you don’t stick to a consistent schedule. If you’re sending a big campaign every now and then and sit quietly for the rest of the time, such sudden spikes will look suspicious to ISPs. As a result, your emails may start bouncing out of nowhere. When you’re sending from the same IP as hundreds of others, these spikes are hardly noticeable anymore. ESPs also do their share of the work in gradually releasing large chunks of emails.
When money is a factor. If you’ve got better things to spend your money on, pick a good ESP and trust them to give you a good reputation in the package. Many ESPs offer very reasonable rates for their services. Need help picking a good transactional email provider?

Don’t forget to warm up your IP!

If you decide to switch to a dedicated IP, make sure you incorporate a technique called IP warming. It’s about sending, gradually, more and more volume with a newly set up IP. This way, you teach incoming servers to trust your emails so that, by the time you’re ready to send that large marketing campaign, there won’t be any surprises.

If you were to send tens of thousands of emails on day one, you would probably see a lot of unexpected bounces. Incoming servers would have no record of earlier activity and would take such a sudden increase in volume with a big grain of salt. And, if they did, this would affect the performance of your future campaigns. Disaster.

Luckily, many providers of transactional emails, such as SendGrid, Amazon SES or Sparkpost, now offer automated IP warmup that takes care of the process for you.

Hope this guide shed some light on the difference between shared and dedicated IP! Follow the link to view the original post on Mailtrap blog.

Intro to Transactional Emails

Valeria — Fri, 18 Nov 2022 09:48:28 +0000

What makes for a beautiful experience of using a platform or an app? Interactive interfaces? Mind-blowing designs? Interesting copy? Maybe. But what most users really care about is getting stuff done — quickly buying a product, easily launching a website, smoothly implementing a feature. Since it’s impossible to follow every user on every step of their customer journey, companies incorporate transactional emails to automate the processes. Let’s explore what these emails are really about and how to set yours up.

What are transactional emails?

Transactional emails are messages that you often receive when using a product, website, mobile app, etc. They are triggered when a transaction happens. In this context, “transaction” doesn’t only refer to the action of buying or selling an item (as any dictionary would suggest). It also refers to requesting a password reset, breaking a new record in your fitness app, or adding a new card to your account. It can be literally any action and each can trigger a reaction.

What’s the difference between transactional and marketing emails?

Marketing emails such as newsletters or product updates are typically sent in bulk with the same content delivered to all recipients at the same time. Their goal is usually to recommend a product or feature, or to get you interested in an upgrade of your subscription (or your 3-month-old sneakers). In other words — to sell you something.

Transactional messages, on the other hand, are one-off, event-driven notifications sent based on users’ activity on a platform. They can be properly personalized and usually arrive immediately after an event is triggered.

What’s included in transactional emails?

When a transaction happens, an automated email can be sent to an address provided, usually at sign up. Such transactional emails can give you further guidelines or update you on your progress so far. They can be used to request a certain action from you or to inform you what just happened. They can also just welcome you to a platform, a mailing list or a new group, or bid you farewell when you decide to close an account. The opportunities are endless.

When should you use transactional emails?

Here are some situations when a good ol’ triggered email would be appreciated:

A user requests a password reset and successfully does so
A user signs up to a platform or joins a mailing list
A double opt-in is in place
A credit card has been added or removed
A user was verified (or, quite the opposite, their verification failed)
A user used a vital feature and needs to know what to do
A purchase is made and a receipt needs to be sent
A payment fails and an action is needed from a user
A user’s trial period is about to expire and they need to be sold on a premium plan
Terms of service or any other legal files are amended

These are just a few examples. Of course, transactional emails will look very different for a Tinder-like app than for a government taxation platform. The key is always to carefully go through the entire customer journey and figure out where such triggers should be placed.

Why are transactional emails important?

First of all, many transactional emails are simply necessary — password resets, 2-step verifications, failed payment notifications. Users need to receive them to be able to move forward. Others are maybe not must-haves, but users, taught by their experience of using many other products, have come to expect them. These include order confirmations, credit card charge receipts, or just usual welcome emails sent moments after registration. Don’t send one, and people will think right away that something is wrong.

For e-commerce businesses, transactional emails are also crucial for** improving sales of a product**. Companies often use these emails to chase clients who abandoned their carts or didn’t submit a payment on time. They even use casual order confirmations to upsell or at least pique the buyer’s interest in a related product. Even a little effort in this field often goes a long way.

How do you send transactional emails?

There are two approaches to building and sending transactional emails. Depending on your tasks, the volume of messages you need to send, and the infrastructure you already have, you can choose between marketing automation tools and dedicated transactional email sending providers.

Transactional emails can be a part of automated marketing workflows. When you need to send up to 2,000 — 3,000 transactional emails per month, it can be more efficient to set this process in your CRM or email marketing system. Such tools provide you with a set of templates and pre-built sequences. HubSpot and Zoho are among the most recognized CRM systems, while Mailchimp, ActiveCampaign, and AWeber are renowned email automation tools.

When you have a solid user database and various email notifications are a crucial part of their user experience, it makes sense to rely on an email sending provider that can offer a scalable email infrastructure. This is a more tech-savvy method as you will very probably need to manage email triggers and set sequences on your app’s backend, but it provides you with greater flexibility. Reputable transactional email sending providers are SendGrid, Postmark, Amazon SES, SMTP2GO, etc.

You should understand what’s under the hood of your email sending process and be aware of the technical aspects that influence deliverability and the overall success of your email campaigns.

First of all, let’s review what is technically needed for sending transactional emails.

Email sending provider

Selecting a proper sending provider is half the success. Email deliverability depends both on the domain reputation (which is on your, the sender’s, side) and the IP reputation, which is on the sending provider’s side (in many cases).

When you pick an email sending service, you will be using their shared IPs first (this is recommended if you are not a super high volume sender). They will handle the IP warmup and control its reputation. When a new sender enters the game, the recipient’s email clients are suspicious about it — they can’t be sure that they can trust it. If you start by sending thousands of emails at once, they will very probably be treated as spam. It is the job of an email sending service to manage throttling and increase the volume sent per batch gradually. Read more about shared and dedicated IPs and their impact on email deliverability in this article.

Proper functionality, understandable user interface and documentation, as well as the way of addressing issues also matter a lot. So, here is a list of criteria we recommend following when selecting an email sending provider:

Reliability. Remember that building a solid infrastructure requires investments. Choose a known company. Learn about their servers, uptime, spam rules — this can help you understand whether they are able to ensure proper deliverability.
Clarity. Everything should be clear and easy: simple pricing, understandable documentation, intuitive UI, as well as the ability to quickly contact their team and resolve any kind of issues.
Functionality. There may be dozens of features that matter to you, but there is one common point that is important for everyone: reporting. This includes both the comprehensive analytics and system of alerts. It is crucial to be notified when something goes wrong in order to be able to quickly find the reasons and fix them.

The vast majority of transactional email services offer two ways of sending emails: SMTP and API. API provides a more flexible way of integration with your app or service and is considered a quicker and more robust method of sending emails. However, it requires advanced coding skills and is not as versatile as SMTP. If you need to dive deeper into this topic, read the Do you need Email API or SMTP Relay? article on our blog.

Domain verification and authentication

To explain the essentials of email sending, let’s start with an example. Let’s say, you have the Help Fries company that owns the helpfries.co domain and you need to start sending account confirmation emails from the hello@helpfries.co address.

In this case, helpfries.co will be your sender’s domain, but the email sending process will be handled by an SMTP server provided by the email sending service. Let’s call it RockSMTP.

To let RockSMTP send emails on your behalf, you need to prove that you own this domain (otherwise, spammers would be able to use any company’s website to send their spam messages and kill everyone’s reputation). This is called domain verification and is performed by adding a CNAME record to your domain’s DNS records. It’s easy — you just need to copy a special code provided by RockSMTP and paste it into your helpfries.co domain host’s DNS settings (this is where you purchased your domain from — AWS, GoDaddy, etc.).

Once this is done, you can start sending messages. However, it is strongly recommended to perform domain authentication in order to ensure good email deliverability. Domain authentication is also performed by adding a few other types of records to the DNS settings.

SPF record is a TXT file where the domain owner specifies the list of IP addresses that are authorized to send emails from this domain. (RockSMTP’s IPs are authorized to send emails from helpfries.co).
DKIM is a CNAME record that helps ensure that email content is not changed during transit. It is based on the public-key cryptography principle and is implemented as a digital signature attached to an email.
DMARC is an additional layer of security and requires SPF or DKIM. It is a TXT record that sets DMARC rules. It “tells” the recipient’s email client what to do with emails that failed SPF and/or DKIM checks. The DMARC policy can also generate reports on these checks. It is not strictly required for sending emails, but it’s a reliable method of preventing spoofing.

Why you should test your emails and how to do this right

Finally, let’s assume that you have chosen the tool, set up the right triggers, and configured the most effective emails to be sent at just the right time. Can you move on to other tasks now?

By all means, don’t. Actually, don’t send any communication before you test it first. There are many things that can go wrong:

Password reset links won’t work
Buyers won’t be able to download their invoice (or worse, they’ll download someone else’s!)
You’ll send some hints for completing an important step days after a user reached this goal
The formatting of an email will make it impossible to read or click-through
You’ll let someone know that their card was declined when it was not

And these are just a few of the many examples. We strongly recommend that you test each message before it’s delivered to a real person.

You can do this with a fake SMTP server such as Mailtrap. It lets you send test emails without the risk of spamming real users. It also enables previewing each automated message as well as checking whether it’s likely to fall into spam folders. You can try Mailtrap for free and upgrade later if you need more functions.

Bonus: Best practices for using transactional emails

It’s not enough to just set up and send a few emails every now and then. Those who really succeed in the field spend many hours trying to understand their users and optimizing their emails for this audience. We recommend that you do the same. Here are some tips for improving your transactional emails:

Think like a user — focus on their needs

Try to put yourself in the shoes of a user of your app or a visitor to your page. Don’t assume that something is obvious to them just because it is to you. You know the product inside out and have probably been through each screen 184 times. Maybe you even built it. Assume that visitors know even less than Jon Snow. Think where they may get lost, what could be hard to grasp for the target group, and fix it with the proper transactional emails. Focus on what users want to achieve, what their goals are, and make it easy for them to reach them.

Don’t send too many emails

Resist the temptation to set up tons of triggers on the way. Think where they’re essential and where they can make a lot of difference. Start small. If you observe a lot of support tickets about a certain step or a low conversion on some step of a funnel, think about whether adding some automated emails may help fix the problem. Adding an enormous number of emails will quickly flood users’ inboxes and cause them to unsubscribe (or worse, mark you as a spammer).

Don’t solve problems with emails

Once you get the first results of your campaigns, you may feel the urge to address all issues this way. Don’t fall into this trap. If users successfully traverse several steps but then nearly all drop on the following one, sending an automatic follow-up email may not fix the problem. Analyze what the reason for this sudden drop could be. Maybe some bugs are preventing users from completing the process? Maybe something is counter-intuitive? Or maybe they were looking for something completely different and ended up in the wrong funnel? Even the best written email won’t fix such issues and implementing one will only give you false data about the success of your other campaigns.

Focus on timing

Figure out the best time to send a particular communication. Order confirmations should be sent right away, that’s a no-brainer. Should an invoice be generated simultaneously or maybe right after an order is delivered? When should you remind visitors about an abandoned cart? In an hour, a day, or a week? How much time should you give a user to complete some step on a platform before you give them further tips? Or maybe you shouldn’t bother them at all? There are no “right” answers to these questions as every website, app, and client base is different. You’ll need to figure out the answers on your own.

Have the right subject line

The topic of your email is the first thing that recipients will see. As a result, it will play a key role in their decision on whether to open it or not, assuming they spot it in the first place. Don’t give them a chance to miss important information. Make your email subject concise, straightforward, and recognizable. Compare “Payment Help Fries” to “Action required: you payment for Help Fries failed”.

Keep it short and focused

Keep your email short and straight to the point. This way, you’ll increase the chance that someone will read through all of it. If the hint you’re sending requires a longer explanation, write a blog post and link to it in your email. Your reader has a very limited attention span — use this short time wisely.

Write an engaging copy

Make your copy interesting, even if you’re writing something boring. Try to build an emotional connection with readers, encourage them to ask questions, share what your company has been up to. Make it a pleasure to read your emails and users will be looking forward to the next ones. Some may even share the best ones in articles like this.

Properly format each message

The copy is the most important bit, but it needs to be properly formatted too. Make sure your messages look good on different screen sizes and especially on mobile. Use your branding materials in every email, even the dull ones like password reset instructions. Readers will learn to recognize your brand, which could go a long way.

Send from a recognized name — don’t use no-reply addresses

Send emails as “Kate from Mailtrap” instead of vague “Mailtrap marketing team” or worse, “no-reply@mailtrap.io”. Users are more likely to open an email if they know (or believe) that they’re communicating with a real person. Sign an email with a real name and maybe even add a picture. Encourage them to write back to you with any questions or feedback. Even if such replies don’t go into your individual inbox but instead to support folders, many will appreciate such an opportunity. It’s way easier to respond to an email than it is to find a contact form somewhere on your website.

A/B test, over and over again

Once you implement all the above tips, test whether they really work for your business. It may be that some won’t apply. It’s also likely you won’t be able to figure out at the first attempt where users could use some help or how to properly stalk those who abandoned their cart. Send different emails to different groups and see how they interact with them. Are there more opens or clicks in one of the groups? Does something work better for improving the conversion or decreasing churn? You won’t know until you test it.

Add Google’s Email Markup to your emails

Google lets you add Email Markup to your messages to add an action prompt to your email. As a result, this lets users take an action without even opening the message and also improves the conversion. This way, users can RSVP to an event, confirm a subscription, or quickly look up the order or shipping details. Of course, it won’t work for many use cases, but if it could work for you – consider giving it a try.

Ensure your emails are delivered

Finally, all of the above tips will be in vain if your email doesn’t reach the recipient’s inbox at all. And this can happen even for the most important emails such as order confirmations or password reset instructions. We’ve covered tips on improving deliverability in another article. Emails going to spam folders are also far from desired – read about how to avoid such a fate here.

Final words

Transactional emails are a huge topic. In this guide, we’ve given an overview of all the important aspects you should know about when working with this type of email. Each of them deserves a separate article — and we have a bunch of them on our blog — so it wouldn’t ever have been possible to squeeze all the information into one article. We hope that after reading this post you have the whole picture of transactional emails and know what specific guidelines to look for and where to find them.

Hope this introduction was helpful! Check out the original mailtrap.io blog post.

Proven Ways to Send HTML Email with Gmail

Valeria — Wed, 02 Nov 2022 14:53:47 +0000

Gmail has over 1.8 billion accounts worldwide and the number keeps growing. You’re probably one of them and so am I, my team, and probably the majority of Mailtrap users too. Gmail has gone through a lot of changes since it was first tested in 2004. One of them was about simplifying the compose window and removing the good old HTML editor. It doesn’t mean, however, that HTML is no longer supported by Google – it’s just a bit trickier to send HTML email from Gmail. Let’s see how it works.

Why import HTML into Gmail in the first place?

Gmail offers a WYSIWYG editor (What You See Is What You Get) by default, which is perfectly sufficient for nearly any communication. You can choose from a number of fonts, colours and sizes, align a copy, add bullet points or indentations, and even insert images or emojis.

Things get tough, though, when you need to use your company branding or other more complex formatting, not available in the default editor. Inserting a logo or banner is doable. You can hire a professional, or there is an easier and more affordable way – to use one of the logo maker tools available. For instance, you can check the functionality and features of Designhill Logo Maker, Zyro, or any other you would prefer.

But can you align those visuals properly with a text and make sure they look fine on any screen size? Probably not from the client itself.

In such situations, you need to rely on external tools or write your own HTML and insert it into a compose window.

Importing HTML into Gmail

If you were to simply copy the HTML code and paste it into the Gmail’s compose window, the receiver would only receive the very same raw HTML. In other words, Gmail wouldn’t render it in any way. If you’re exchanging emails with a fellow web developer, they may actually appreciate such an innovative way of communication. Most people won’t though. That’s why you need to use a simple workaround to insert HTML.

Outside of Gmail, compose HTML code and save it as an .html file on your drive. Make sure your editor saves files as plain text, without any additional formatting. It also cannot add .txt or any other extensions to the file name, otherwise the code won’t be rendered properly. Mac’s TextEdit, for example, needs a few tweaks to work with HTML as expected. Here’s our sample, rather poor quality code:

Right-click on the file and open it with a browser of your choice. It should render as expected. If you see raw HTML, double check if the file was saved properly and your editor relies on plain text.

Copy the entire content of a page, either with Ctrl+A (Windows) / Cmd+A (Mac) or just use a mouse or a trackpad. Then, insert it into your Gmail’s compose window and send!

The email should arrive in exactly the same shape as it was last seen leaving your inbox.

What to pay attention to when writing an HTML email

Although HTML is a really simple framework, there are several features/limitations of Gmail that you need to be aware of. Here are the main ones:

Images need to be hosted online and available publicly

Instead, images need to be uploaded elsewhere on the Internet, and referenced with a link in the code.

If possible, store images on your own server or use Google Drive (or other similar service). When uploading to the latter, make sure the link is public, not private (trying to access it in the incognito mode should do the job). When uploading to popular image sharing services such as Imgur or Tinypic, make sure you obtain a direct link to the image, not to a folder where it’s stored.

External style sheets won’t work

Gmail doesn’t offer support for external styles. You can, however, utilize embedded CSS as well as Inline styles. A good responsive email typically consists of a fair share of Inline CSS, used mainly to maintain proper structure and styling of a message. Embedded CSS is used to add CSS Reset Styles and rules required to make an email responsive.

You can’t use web fonts

Gmail doesn’t let you utilize any web fonts and there’s no way to import them into your HTML. You’ll need to use one of the available fonts in your emails.

Utilizing HTML editors

Is it really necessary to write an entire HTML code from scratch or to test how it looks on different screens? No. There’s an abundance of free and paid email editors available both online and for download.

More sophisticated tools come with dozens of templates perfect for any occasion. You pick the right one, adjust it to your needs, and preview and download the entire HTML code. Then you follow the instructions above to send it with Gmail or use any other client or email service provider (ESP) like eSputnik, GetResponse etc. Most of these tools run on a freemium model, letting you try some basic templates for free and charging you for more advanced ones.

Some of these platforms also offer responsive HTML email templates that will look great whether a receiver reads them on a laptop, 292-inch TV or a smartphone. If the budget allows, we strongly recommend picking one of responsive templates, as well as trying out those design, logo, and banner maker tools that we mentioned at the beginning. It’s a good way to ensure a better user experience.

By the way, we’ve recently covered the 10 best HTML email editors on our blog to help make the choice easier. Check them out here.

There are also many basic tools that will simply preview whatever you insert. They’re more suitable if you’re writing a new code or reusing an old one and need a quick way to preview. These tools are typically free and sometimes don’t even require a sign up.

How to test your HTML emails

By now, your email is likely composed and ready to be sent. Are you done, though? We think not. Before you press the ‘send’ button, you might want to test each template in several clients and on several screen sizes. You might be surprised how some platforms will render your carefully-crafted message.

You could send such emails to various email accounts of yours or to your coworkers/friends. Alternatively, you could automate this process by incorporating a tool like Mailtrap. One of its functions is previewing how an email would look in a browser. You can resize the screen and preview your message as though it were delivered to a mobile phone or tablet. You’ll immediately spot if something renders incorrectly. Even if everything looks fine, Mailtrap checks the code behind an email and lets you know right away which elements can cause a problem and which email client will most likely be affected.

Finally, you can check each message against common spam filters and improve it based on the provided suggestions. Mailtrap also checks your domain against the most common blacklists to make sure there won’t be any issues with deliverability.

Final words

As you can see, sending HTML emails via Gmail isn’t difficult at all. The only tricky part can be displaying them properly in the vast array of browsers and email clients. However, with a bit of practice and the appropriate toolset, it shouldn’t be a problem.

Hope this was helpful! Check out the original article on how to send HTML email in Gmail at Mailtrap blog.