CRM and CX Blogs by SAP
Stay up-to-date on the latest developments and product news about intelligent customer experience and CRM technologies through blog posts from SAP experts.
Showing results for 
Search instead for 
Did you mean: 
Building a good sender reputation can take a lot of time but vice versa a good sender reputation can be burned very quickly. In this article I would like to give you a brief overview of what you can proactively do to protect your sender reputation and your email eco system.

1. Implement DMARC (Domain based Message Authentication, Reporting & Conformance)

When implementing DMARC to all domains you own you make it much harder for spammers and scammers to imitate your brand and send emails that shall make recipients think you are sending this email to them. As a best practice your aim should be the DMARC policy p=reject that offers the highest level of protection. However, if you are new to DMARC, the policies p=none or p=quarantine may be appropriate as a preliminary step to analyse the DMARC reports you are receiving first and then apply a stricter policy to avoid unforeseen issues with your email eco system. Please have a look at this article if you would like to read more about DMARC.

My recommendation: Do your brand, your company and last but not least your reputation a favour and implement DMARC. Also think of other domains you are not sending emails from. Domains used for other purposes that are not protected by DMARC can also be targeted by spammers and scammers. The DNS setup of your domains is publicly available for anyone on the internet and spammer and scammer look for non-secured domains. To protect your company and your brand in the best possible way, DMARC should be implemented for all your subdomains or your second-level domain, such as, so subdomains inherit it.

2. Protect your registration forms to avoid an email list bombing attack

Email list bombing attacks can do harm to your sender reputation and may negatively impact your deliverability for a longer period of time. It is therefore advisable to secure all your registration forms before one or more of them get targeted by such an attack. You can do this e.g., by implementing a Captcha, using a honeypot method or setting up a double opt-in process as described below. The linked article provides you with all the information you need including an explanation of what an email list bombing attack exactly is and what measure you can proactively take to prevent such an attack from happening to your company.

3. Implement a double opt-in (DOI) mechanism to allow only real contacts that want to receive your emails to enter your database

Whether implementing a DOI mechanism is appropriate for your business depends on the regions and markets you are operating in. In some countries a DOI process is the recommended best practice by local marketing associations while such a process is mostly unknown in other countries. Nevertheless, this is a good and proven measure to acquire only contacts that gave their explicit consent to receive your emails and it also helps validating your contacts for typos. This not only contributes to a healthier email marketing list but it also helps to maintain or even improve your email marketing KPIs, such as clicks, conversions or revenue attributed to email campaigns. A DOI process surely does not make much sense in markets where email recipients are not used to an extra step to confirm their subscription at all. But it may be an option for markets and countries in which local laws are stricter compared to other ones, although not requesting DOI, or local best practices encourage senders to implement a DOI mechanism.

Further reading on a related topic: You can find more information on how to build and maintain a quality email marketing list in this article.

What’s next?

Please leave feedback below and/or hit the “like” button to show this type of content is useful.

You can ask questions and provide suggestions for helpful email deliverability topics in the Q&A area Q&A – SAP Emarsys Email Deliverability.

And if you’d like to find out more SAP Emarsys, you can visit the community page: SAP Emarsys CX.