Email authentication for outgoing emails

Domain Keys Identified Message (DKIM) is a signature based email authentication technique used to verify if an email was sent from the domain the email sender address claims it was sent from. DKIM adds a digital signature linked to the domain name to outgoing email in Sage People.

Google and other email recipient servers check for these signatures to confirm that the sender actually sent the email. Email recipient servers for some organizations operate strict DMARC (Domain-cased Message Authentication, Reporting & Conformance) policies. Adding DKIM authentication improves email receivability.

In June 2016, Google announced planned implementation of a strict DMARC email authentication policy. The policy advised DMARC-compliant email servers to reject emails that use @gmail.com in the From address. These servers reject the messages when the emails don't originate from Google's mail servers. The policy impacts emails from your Salesforce org and originating from Salesforce mail servers but displaying an @gmail.com From address. If Salesforce sends these emails to recipients using DMARC-compliant email servers, the servers can reject the emails. Other major email service providers including AOL and Yahoo are also implementing DMARC policies.

How do I know if recipients aren't receiving emails from my Salesforce org?

You can configure a DMARC implementation to handle rejected emails by:

  • Bounce back

    Depending on the configuration, the system flags the recipient as having a bad address, or the From address sends a bounce notification

  • Discarding

    The sender can’t confirm receipt

  • Marking as spam

  • Delivering

To avoid potential non-delivery of emails, ensure you’re using a domain you control for all emails sent from your Salesforce org.

If external recipients aren't receiving emails from Salesforce, such as addresses hosted by gmail or hotmail, check the email authentication configuration in your Salesforce Org. Salesforce enables you to set up DKIM keys for emails you send out from your org; for more information, see Salesforce help content on best practices to setup DKIM.

You can find more information about setting up email verification through DKIM in this Sage People Community article: Email verification