Inbox provider authentication requirements
This section covers the authentication requirements of the largest inbox providers: Apple, Google, Microsoft, Orange, and Yahoo.
- All of these providers check a sender's domain DNS
TXTrecords for the following authentication methods:- A Sender Policy Framework (SPF) list
- A DomainKeys Identified Mail (DKIM) signature
- A Domain-based Message Authentication, Reporting, and Conformance (DMARC) policy
- All require SPF and DKIM at any volume of messages.
- All but Orange require a DMARC policy for a daily volume of more than 5,000 messages.
- Orange requires a DMARC policy for a daily volume of more than 1,000 messages.
All of these providers use blocklisting.
- Apple uses Proofpoint
- Google uses its proprietary blocklist.
- Microsoft uses its proprietary blocklist and Return Path for Outlook domains.
- Microsoft uses its proprietary blocklist for 365 domains.
- Orange uses its proprietary blocklist and those of Abusix, Spamhaus, and Cloudmark.
- Yahoo uses Spamhaus.
Some of these providers offer a feedback loop (FBL). An FBL service provides senders with spam data so your lists can remain clean.
- Apple doesn't offer a FBL.
- Google offer an FBL using its Google Postmaster Tools (GPT).
- Microsoft doesn't offer a FBL.
- Orange uses the Signal Spam network. Twilio doesn't subscribe to this FBL.
- Yahoo uses an FBL based on the DKIM signature. Twilio allows the FBL to report back to us.
Google offers Google Postmaster Tools (GPT) so senders can monitor and improve the quality of email campaigns to Gmail recipients.
Apple offers Mail Privacy Protection (MPP) so recipients can hide their IP addresses and protect Mail app activity.
Microsoft offers senders their Junk Email Reporting Program (JMRP). This free service provides reports on junk email issues that Outlook.com users flagged.
Microsoft offers senders Smart Network Data Services (SNDS) that reports how subscribers rate the received email and how Outlook views the health of an IP address.