Stefan Holm Olsen

Remember to configure your complementary SendGrid account in Optimizely DXP!

Do you have a site running in Optimizely DXP? Then you may already know that it comes with a complementary SendGrid account for sending emails. After adding a small piece of configuration to the site, the site can send emails using SendGrid’s default configuration.

But to improve the deliverability of your emails, here are a few easy tricks.

Configure SPF

SPF (Sender Policy Framework) is probably the most important configuration to make. In short, it is a list of servers and host names that should be allowed to send emails in the name of your domain. If anyone tries to send emails, posing as your domain, from an unlisted server, their emails will be rejected before they reach the recipients. That’s how powerful it is.

An SPF policy can be written by hand or be generated using free tools. I usually use MXToolbox for that. The result should then be added to the domain’s DNS server. And that’s it.

Warning! Before engaging an SPF policy, remember to uncover all the systems that could be sending emails from your domains. Organizations often tend to have hidden/forgotten systems sending such emails. And, unless mentioned in the SPF policy, such mail will simply not be delivered anymore. Consider starting off with a soft-block policy.

Warning! If the domain already has an SPF record, you need to include SendGrid as well. Or none of your Optimizely emails will be delivered!

Configure DKIM

DKIM (Domain Keys Identified Mail) is a framework for signing the outgoing emails with a key only your approved servers would know. The receiving mail servers can then validate that an email was sent from a server that had the right signing key. So, it goes well together with SPF (mentioned above).

It is a little more complex to set up DKIM. And you need to gain access to the SendGrid portal to fetch the DNS records needed to add to your domain’s DNS server.

Start by asking Optimizely DXP Support for an invitation to the SendGrid portal. Then find the DKIM keys and set them up in DNS, according to the instructions in the portal.

Receive reports on spoofing and spam attempts

When you have SPF and DKIM in place, you can easily configure DMARC (Domain Message Authentication, Reporting and Conformance). This is basically a way of telling the receiving mail servers how to handle and report spam and domain spoofing attempts (when failing according to SPF or DKIM).

Like the SPF policy, this can also be written by hand or generated by free tools. I usually also use MXToolbox for this.

Bonus: Get a blue verification checkmark

I am finishing off this article with a bleeding edge feature, which is probably nice-to-have for some of you. This is called BIMI (Brand Indicators for Message Identification) and has recently been launched by most of the big email platforms.

In a time where consumers regard profiles with a blue checkmark as more valuable on X, Instagram and Facebook, you might want to get in on this and get the same mark on your outgoing emails.

There are four steps to get this:

  1. Implement SPF, DKIM and DMARC.
  2. Provide a square logo in SVG format.
  3. Acquire a VMC (Verified Mark Certificate) file. Right now, only two providers sell these.
  4. Add a special DNS record to your domain.

This does not improve deliverability. But it does make your emails stand out to increase the chance of them being opened.