Why Email is the Key to Effective Member Communication
The spam mitigation mechanisms such as a spam filter in our email systems are a good thing since they protect us from massive amounts of useless email cluttering our Inbox. They can also unintentionally hinder Membee's ability to deliver important emails to your members, non-members, and your Membee users (staff and/or volunteers) this includes:
- Member login setup and password reset emails to members
- Membership renewal and reminder emails to members
- Notification emails to Membee users (Event Sale Notifications, New Member Application Notification, New payment received, new profile modifications, etc.)
- Event reminder emails to event attendees
- Referral emails (the email sent when a visitor to your Membee online directory clicks on the "Send Message" link)
- Confirmation emails with the summary of the email sent via an integrated email send
If you have a member or a Membee user who is not receiving these emails or they are bouncing back to you (and you have confirmed that the email address that the information is being sent to is correct), there are several contributors necessary to ensure emails to members and Membee users.
Three Essential Roles in Effective Membee Email Delivery
As outlined in detail below, you will see that increasing email deliverability is a cooperative effort between three parties:
How Membee Maximizes Email Security & Deliverability
There is a constant and escalating battle being waged between those who are looking to use email for legitimate purposes and those looking to utilize email to facilitate various forms of illegal activity. A simple spam filter on your Inbox just doesn’t get the job done anymore.
Membee sends about 150,000 emails a month on behalf of client organizations. The job making sure these emails have the highest likelihood of being delivered and are secure begins initially with Membee itself.
Email Transport Security
A commonly employed tactic when attempting to use email for nefarious purposes is to attempt to intercept the email in between the server that sent the email and server that will accept delivery on behalf of the email recipient. If someone can intercept the email, they could change the content of your emails to suit their purposes.
Membee eliminates this from happening by employing Transport Layer Security (TLS) encryption. What TLS ensures is a secure connection between the sending email server (Membee) and the recipient’s receiving server which prevents the ability for a third party to manipulate your emails before they are received by the intended recipient.
Public/Private Key Authentication
To further ensure that emails are not manipulated before they are received, Membee employs DomainKeys Identified Mail (DKIM) to digitally “sign” emails it sends on your behalf from your copy of Membee. The email recipient’s receiving email server sees this digital signature (key) in the email and it contacts Membee’s sending server to compare this key to a private secure key. If the keys match then the receiving server knows that Membee was the originator of the email and it accepts the email on behalf of the recipient.
Please note that there was a time when the receiving email server would quite likely still accept the inbound email even if the keys did not match. Times have changed. Currently, major email providers are ratcheting up their rejection of any emails where the DKIM keys do not match.
Domain-based Message Authentication, Reporting & Conformance (DMARC)
It would be fair to say that the task of delivering legitimate email effectively is becoming more complex. While Membee is up to the challenge and our own internal testing processes ensure the technologies outlined above are working as advertised, Membee is only half of the email delivery equation - the sending half.
The receiving half of the equation also has a really tough task as it tries to figure out which emails are legitimate such as those that are digitally signed by Membee as well as the emails that are not signed are just as legitimate as the ones Membee sends. It’s a tough job knowing that rejecting a legitimate email is nearly as bad as letting an illegitimate one through to the recipient’s inbox.
Since there are two halves to effective email delivery if both halves work together, more legitimate emails get through and we are all less vulnerable to spammers, con artists, and phishing attempts. Domain-based Message Authentication, Reporting & Conformance (DMARC) is a mechanism that allows email senders such as Membee to let receiving servers know what to do with emails that the receiving server has questions about. DMARC also specifies to the receiver servers how to provide feedback to Membee on emails that the receiver is unsure about.
As a strong supporter of DMARC, Membee has established an aggressive email evaluation strategy asking receiving servers to evaluate 100% of all emails we send to them. In turn, the receiving servers provide detailed feedback on the evaluated emails Membee has sent to them. Membee evaluates this feedback constantly.
To date, DMARC feedback to Membee has uncovered few issues and when it does, they are often indicators of settings our client organizations have missed or set incorrectly which we immediately share with the organization.
FailSafe Resend Strategy
There are many reasons for the member’s email server to be temporarily unable to accept the email that Membee is attempting to deliver. As a result, Membee will attempt the delivery of the email using the following schedule:
- Attempt delivery again 15 minutes after the initial delivery attempt
- Attempt delivery again 30 minutes after the initial delivery attempt
- Attempt delivery again 60 minutes after the initial delivery attempt
- Attempt delivery again 240 minutes after the initial delivery attempt
- Attempt delivery again 12 hours after the initial delivery attempt
- Membee will notify you at this point that the member’s email has been delayed
- Attempt final delivery 48 hours after the initial delivery attempt
- If this delivery attempt fails, you will receive final notification that the email is undeliverable
- This is a queue to check with the member to confirm their desired email address
Required Steps You Take So Membee Can Deliver Email on Behalf of Your Organization
Authorizing Membee To Send Email on Your Behalf
If you do not authorize Membee to send emails on behalf of your organization, all the hard work Membee is doing to secure and legitimize your emails for delivery will go for not and as a result, a high percentage of your member emails will be rejected by the receiving email servers used by your membership. It’s that simple.
Delivered emails translate to better member communication as well as more membership and event revenue for your organization.
Make A Simple DNS Setting For Your Domain
Let’s say your organization’s domain is ourorganization.org. Your organization will have its domain “registered” with one of the numerous domain registrars. Settings within that registrar account do some important things such as:
- How email sent to emails at your domain are handled
- How people find your website by searching in a search engine
You are going to add to these settings that will authorize Membee to send emails on behalf of your organization. Specifically, you are going to add a Send Policy Framework (SPF) TXT record to your domain’s Host Records (sometimes referred to as “Zone Files”). Adding this record is straightforward and your domain registrar can answer any questions you may have.
Type = TXT
Value = v=spf1 +ip4:220.127.116.11 -all
Note: You may have an existing SPF record for your domain. You can only have one SPF record for your domain and if multiple SPF records, none of them will work. If you have multiple SPF records, receiving servers will decline all your SPF settings. The “ip4:18.104.22.168” parameter should be added to the existing SPF record.
Note 2: Time To Live (TTL) settings for your domain will determine when your net SPF record will propagate across the world’s DNS server network. Your member’s email receiving server will turn to a DNS server to confirm you are authorizing Membee to send email on your behalf. To be safe, you should allow 24-48 hours for your new setting to be accessible.
Testing Your DNS Setting Change
Basically, you are going to use an online tool to perform a simple test to confirm your SPF record in the DNS settings for your organization's domain is set up correctly.
This is easy.
- Go to https://dnslookup.online/spf.html
- Insert your domain in the “Domain Name or Hostname”
- Press the “SPF Lookup” button
You should see a result that looks something like this:
A result like the one below indicates that your SPF record is not setup correctly or it has not propagated across the DNS server network:
Use Email Addresses Located At Your Domain
Let’s say your organization’s domain is ourorganization.org. In order for Membee to deliver email for you effectively, you need to use an email address such as email@example.com or firstname.lastname@example.org. The reason is that servers receiving emails from Membee will be scrutinizing those emails by extracting the domain from your email address (ourorganization.org) and then looking to your domain for specific settings that authorize Membee to send emails on your behalf. More about this below.
If you use an email such as email@example.com, your member’s receiving email servers will be looking to the domain, gmail.com in this example, for the settings that authorize Membee to send email on your behalf. Since you do not control the gmail.com domain, you won’t be able to add those settings to your domain.
Can I use an email address from a third-party provider such as firstname.lastname@example.org? Yes. Membee will still attempt to send emails on behalf of your organization but the likelihood that those emails will reach your members will be dramatically reduced.
In short, receiving email servers will see your emails as less suspicious if Membee is authorized to send emails on behalf of your domain and the actual email has an address at your domain - email@example.com as an example.
As a result, using an email address from “consumer” email providers such as gmail.com, comcast.com, yahoo.com, etc. for your organization is definitely not recommended.
Luckily, there are highly reliable and inexpensive services that many of Membee’s client organizations utilize. Here are a couple of links:
We also recommend checking with your IT professional for their recommendations.
Steps Members Should Take To Increase Secure Email Delivery
In select circumstances, individual members may maintain their email in an environment that may unintentionally impair your ability to deliver legitimate email to their inbox. The following are suggestions you may use to assist your member. These recommendations are likely unnecessary for the vast majority of members but if they undertake these steps, it won’t hurt.
Have the Member Add to Their “Whitelist”
The process is typically called "white listing" and it is a list maintained in their email system of domains that they wish to unilaterally accept emails from. The following domains/IP's should be white listed in your member's email system to ensure they receive the emails your organization is attempting to deliver to them:
- Your organization’s domain
Here are some links to the whitelisting process in some of the more popular email systems:
Please note that your member's email system may "filter" email before it reaches their email application so it is best that they consult with their IT professional to determine where the best location is to white list Membee's email domains.