Spam Resource: All Things Deliverability
I'm Al Iverson and I'm here to help. You've got questions about email deliverability? Find answers here! This is where I've been writing about email technology, sender requirements and best practices, email authentication, stopping spam, and more, for twenty-four years. And if you can't find an answer in one of the 1700+ articles here, drop me a line with your question, and I'll try my best to follow up. And don't forget to subscribe to my email newsletter, so that you'll get updated info pushed to your inbox weekly.
Half Wombat
From DMARCbis to DMARC: New DMARC RFCs

From DMARCbis to DMARC: New DMARC RFCs

DMARC has been updated! Three new RFCs have been published (RFCs 9989 , 9990 , and 9991 ) governing the latest incremental updates to the DMARC standard. TL;DR? It's all about the DNS tree walk, privacy concerns around failure reporting, and removing little used flags (PCT, RI, and RF). Open question: How quickly will mailbox providers implement support for this incremented spec? We shall see. Thankfully, these changes are backward compatible with the existing usage of DMARC, so nothing is about …

Email Auth

Google

Yahoo

Microsoft

Apple

Comcast

Permission

Vendors

Domains

Let's Learn

Let's Chat

Platforms

The Latest Deliverability News

From DMARCbis to DMARC: New DMARC RFCs

DMARC has been updated! Three new RFCs have been published (RFCs 9989 , 9990 , and 9991 ) governing the latest incremental updates to the DMARC standard. TL;DR? It's all about the DNS tree walk, privacy concerns around failure reporting, and removing little used flags (PCT,…

Troubleshooting 4 different types of Microsoft DKIM rejections

If your attempts to send email to Microsoft-hosted inboxes are bouncing back intermittently with authentication-related rejections; specifically highlighting that DKIM is failing, when you know you’ve got DKIM authentication correctly implemented: what do you do now? The actual…

CNIL open tracking restrictions are coming and complex

CNIL, France’s data protection and privacy authority , recently announced new restrictions and requirements related to open tracking (aka pixel tracking) and things are relatively complex. The TL;DR is that permission is required before tracking opens, there’s a potential exemp…

CU Boulder shutting down alumni email service

If you’ve got an active alumni email account from the University of Colorado Boulder, you might have already seen the announcement : Your alumni email account is going away as of August 31, 2026. This affects email accounts in the domain colorado.edu — not all accounts, as this…

Learn more about DMARCbis

DMARCbis: What is it and what do you need to know? It’s the updated version of the email authentication-related DMARC internet specification, and it modifies how DMARC works in a few small, but important, ways. If you’re curious to learn more, check out my latest Valimail &quo…

ICYMI: BIMI success stories and data

Curious about BIMI adoption rates? Looking for BIMI success stories? The fact is, BIMI helps boost email engagement. And if you’re looking for the data to make the business case for BIMI, this recent webinar has what you need to help you support the argument for implementing a …

More on DKIM2: VERP, async bounces, signatures and hops

As you might have seen me mention on Linkedin this week, I'm still working to fully wrap my head around DKIM2, specifically thinking about a couple of different things: the impact on DMARC and the impact on ESP platforms. Let me tell you what I know and what I don't kno…

GMX/WEB.DE/mail.com moving to inbound DMARC enforcement

Staff from mailbox provider GMX/WEB.DE/mail.com (1&1 Mail & Media GmbH) have just announced on the Mailop list that they'll begin enforcement of DMARC checks in a phased rollout over the coming weeks. What does this mean? It means that if you publish a DMARC polic…

Zeta: Q1 2026 Email Marketing Benchmarks

Zeta Global just posted their latest email and SMS benchmark report. Curious about open, click and unsub percentages across a whole bunch of industry sectors? Zeta's got that. Retail, Financial Services, Travel and Hospitality, Media and more. It's good stuff, especiall…

Microsoft DKIM Failures? Check for double headers

Another day, another issue with DKIM signatures. As has happened before, and as will likely happen again, everything looks great for an email message at mailbox provider A, but gets rejected or otherwise runs into trouble at mailbox provider B. If you’ve been in email deliverab…

DELIVTERMS: MTA-STS

It's time for another installment of our DELIVTERMS series here on Spam Resource, where we help you digest and understand the alphabet soup of email technology. Today, we're looking at MTA-STS (and TLS Reporting). MTA-STS stands for: Mail Transfer Agent-Strict Transpor…

Webinar Alert: When Email Deliverability Isn't Enough: Turning Trust Into Brand Impact

If you want to learn more about the value of and potential benefit from BIMI (Brand Indicators for Message Identification), the inbox logo standard that helps you build email trust and boost engagement with your subscribers, then this is the webinar for you! Join Al Iverson (Va…

Mickey Chandler: DKIM Failing at One Domain Is Not a Key Issue

My friend Mickey Chandler recently posted a great new blog post explaining what an email sender can do with DMARC aggregate reporting. Specifically, what the reporting can tell you with regard to troubleshooting mailbox provider-specific email authentication failures. What you …

What is DKIM2? What do you need to know?

There have been a few different blog posts, Linkedin posts, and email newsletters talking about DKIM2 lately. And oof, most of them seem to get one or more of the details wrong. People mean well, so let's forgive them -- this is a complex thing, and it's easy to misunde…

The Case for Reactivation (and Sunsetting)

We often talk about the importance of "keeping a clean house" when it comes to deliverability. But list hygiene isn't just about bouncing bad addresses; it’s about managing the entire subscriber lifecycle to ensure mailbox providers see you as a sender people actu…

Weird DKIM failures? Check your header lengths

If you’re running into issues with DKIM signatures failing when sending to Microsoft domains, but working fine elsewhere, one thing to check is that your various email headers aren’t too long or wrapped improperly. Postmark’s blog post from January touches on this very issue ; …

Interview with Sam Masiello

It was a pleasure to sit down for a special edition of the Valimail “Ask Al” video series for a Q&A with an old friend and industry veteran, Sam Masiello. Sam and I go way back to the early days of anti-spam and email security, but his career has since evolved into a securi…

Relief for marketers? Washington email law amended

If you've been following the legal landscape for email marketing, you're likely aware of the "litigation gold rush" happening in Washington State. Thanks to a strict interpretation of the Washington Commercial Electronic Mail Act (CEMA), even the smallest tec…

When Gmail broke the rules: What a two-day glitch taught us about user intent

Steven Lunniss, Director of Deliverability for email marketing provider Cordial, was able to answer a very important question back in January, thanks to an unexpected glitch. The question: What happens to engagement and subscriber sentiment when your email messages are unexpect…

Industry: Apple to enter B2B mailbox space, Amazon exits

Here’s a quick update on recent comings and goings in the business mailbox provider space. Amazon to wind down Workmail offering Amazon just announced that they are shutting down their corporate mailbox solution Workmail. The service officially ends just about a year from now,…

DELIVTERMS: Hashbusting

It is time to clarify another technical concept here on Spam Resource, in our series DELIVTERMS, where we decode email and related acronyms and terms, helping you better understand the messaging ecosystem that surrounds you. Today, the word we’re defining is: hashbusting . If y…

Dan Stevens: Why I Built a Flat-Rate ESP in 2026

My friend Dan Stevens (who founded email verification platform Kickbox and hired me there once upon a time) has rejoined the email community! After seeing him announce unMTA , I invited him to author a guest post here to share thoughts about his new venture and what his goals …

Choosing the Right Subdomain

What happens if you choose the wrong subdomain? Does everything explode and the submarine sinks to the bottom of the ocean? Not really, but there are indeed some considerations around choice of subdomain for your various types of email messages. I recently tackled this topic in…

Podcast Fun: 175 Years of Email Experience (and counting)

I recently sat down with a bunch of new friends to sit for a podcast recording. The podcast, Email’s Not Dead , is “about how we communicate with each other and the broader world through modern technologies.” Joining me on this adventure? Jonathan Torres, Eric Trinidad, Thomas …

Cool Tool: Sender Audit by Simon Bressier

Looking for an easy way to validate that your email is configured correctly? While technical compliance is only part of the deliverability equation (don’t forget our old friends reputation and engagement), it’s still very, very important to make sure you get it right: DNS confi…