Why are my emails from e2a going into Junk/Spam?
Sending Emails from Salesforce
When sending emails from within Salesforce, if we have not set up the configuration right, we can meet certain unwanted scenarios, i.e. our emails falling into junk/spam folders when received in an external mailbox i.e. Gmail or Outlook. Due to this, emails might go unnoticed or responses to customers could be delayed. There are different methods you can use to make sure your emails are properly authorized and routed.
Setting up Salesforce to Send Emails
For sending emails from Salesforce (outbound), we need to set up our Salesforce org in a way that it is authorized to send emails. There are a couple of solutions - scenarios provided by Salesforce, which can be configured according to one's use-case/situation. Please make sure to have configured the right solution in your Salesforce Org, according to your situation.
- Here is a Salesforce Help page link, explaining what is the best solution to go with according to your situation: https://help.salesforce.com/articleView?id=emailadmin_send_email_from_salesforce_options.htm&type=5#language-combobox
Here are the different settings according to different scenarios explained with help page links:
Scenario 1: Setting up Sender Policy Framework (SPF) Record for your Email Domain
If your company owns an email address domain (i.e. @ortooapps.com), you can set up a Sender Policy Framework (SPF) record to authorize Salesforce.com to send emails.
Check out these help pages to learn more about setting up an SPF record:
- https://help.salesforce.com/articleView?id=000315520&type=1&mode=1
- https://help.salesforce.com/articleView?id=emailadmin_send_through_salesforce_setup.htm&type=5#language-combobox
- https://help.salesforce.com/articleView?id=emailadmin_spf_include_salesforce.htm&type=5
Salesforce-specific DKIM setup
1. Open the DKIM setup page
In Salesforce Classic or Lightning, go to Setup → in Quick Find box type DKIM → click DKIM Keys
Create a new DKIM key
Click Create New Key
Selector: pick a short label (e.g. salesforce)
Alternate Selector: pick a short label (e.g. ortoosalesforce)
Domain: enter ortooapps.com (or whatever exact domain you’re signing)
Key Size: 1024 or 2048 bits (2048 is stronger)
Save — Salesforce will generate a key pair and show you two DNS CNAME records to add
Note. this may require refresh of the page and the CNAME records that are then shown look a bit odd e.g.
salesforce._domainkey.ortooapps.com IN CNAME salesforce.8crik4.custdkim.salesforce.com.
The "salesforce._domainkey" should be the name and "salesforce.8crik4.custdkim.salesforce.com." the value
2. Publish the DNS records
In your DNS provider (e.g. Route 53, GoDaddy, Cloudflare), create the two CNAME records exactly as shown in Salesforce.
These records point your selector subdomain (e.g. salesforce._domainkey.ortooapps.com) at Salesforce’s public key store.
Activate the DKIM key
Wait for DNS propagation (usually < 1 hour).
Back in Setup → DKIM Keys, click Activate next to your new key.
Salesforce will test for the DNS entry and, on success, begin signing all outbound mail from that org.
3. Verify
Send a test email to a mailbox you control.
Inspect the headers for a DKIM-Signature: header covering d=ortooapps.com and your s= selector.
Scenario 2: Setup Email Relays
You can set up an email relay for Salesforce-generated email by configuring Salesforce to automatically route email through your company’s Simple Mail Transfer Protocol (SMTP) server. If your company sends emails from more than one email domain (i.e.@companyname.com), you can configure an email relay for each domain. Below is the help site link which explains all about setting up Email Relays.
When to Use?
When you want your users to see the emails they’ve sent from Salesforce in their company email Sent Items folder. Also, routing all email through your own email servers prevents the appearance of email spoofing by Salesforce (email spoofing is the forging of email headers to make messages appear as if they came from someone other than the original sender).
Scenario 3: Enable Sender ID Compliance
In the Salesforce Deliverability setting, enabling 'Enable Sender ID Compliance' will authorize Salesforce to send emails on your behalf. Check out this help page to learn more about enabling this setting:
When to Use?
- If your company doesn’t own its email address domain, and the domain name ends in @gmail.com, @aol.com, or @yahoo.com, register for a domain that your company controls.
- It's recommended to enable Sender ID compliance only if you have recipients using the Sender ID email authentication protocol, which isn’t widely used.
Note
Enabling this setting will populate the Sender field with 'no-reply@salesforce.com' and the recipient's email client may append the phrase “Sent on behalf of” to the “From:” field of emails received from Salesforce.
Please contact us at support@ortooapps.com for any questions.