When email was first designed, security was not considered important and up until fairly recently it was still possible to send an email from any address and get away with it.

However, as spam, phishing and spoofing attacks by email have become increasingly common there have been various attempts to make email more secure.  In the last year or so the major providers (AOL, Google, Microsoft etc.) have all seriously tightened their security and authentication requirements for validating and receiving email.  The result of this is that a lot of legitimate email is now being classified as spam or rejected by those providers.  In order to ensure that your email continues to be marked as legitimate and received by these larger providers it is now almost essential that you implement SPF, DKIM and DMARC on your domains otherwise many of your recipients will never see the emails you are sending!

As an implementer of CiviCRM I've had to learn all this pretty quickly...  There's a lot of detailed information out on the web but hopefully this post covers what you actually need to know to make sure your clients emails are delivered and read!

Read the rest of my blog post here.

ToolsCiviMailDrupalSecurityWordPress