Why are Salesforce emails blocked or refused, and what are potential solutions?

Key findings

• Shared IP challenges: Salesforce Core often uses shared IP addresses, making senders vulnerable to the poor sending practices of others on the same infrastructure. This can lead to collective reputation damage and blocks.
• Reputation over technical setup: Even with correct SPF and DKIM configurations, emails can be blocked if the sender's (or shared IP's) reputation is poor. This suggests that technical authentication alone is insufficient for deliverability.
• Content and recipient engagement: The nature of the emails, whether opt-in or cold prospecting, significantly impacts deliverability. Non-opt-in lists or high complaint rates can quickly damage sender reputation, leading to blocks.
• Salesforce's evolving standing: There are indications that Salesforce's own deliverability reputation might be declining, with reports of them allowing more non-opt-in lists and reduced enforcement against spamming, potentially impacting their overall standing with email providers.

Key considerations

• Assess current email practices: Before considering platform changes, thoroughly evaluate your list hygiene, email content, and opt-in processes. Poor internal practices can negate any platform benefits. Learn more about why your emails are going to spam.
• Understand Salesforce's infrastructure: Recognize that Salesforce Core's shared IPs can be volatile. If deliverability is critical and volume is high, consider dedicated IP options if available, or alternative sending services.
• Monitor sender reputation: Regularly monitor your IP and domain reputation. Tools can help track blocklist appearances and overall sender health. A deeper dive into understanding your email domain reputation can be beneficial.
• Consider email relay or dedicated sending platforms: For critical transactional emails or if shared IP issues persist, using an external email service provider (ESP) or implementing email relay can provide more control over sending reputation. Salesforce Ben provides guidance on Salesforce email deliverability best practices.

Key opinions

• Shared IPs as a major issue: Many marketers believe that Salesforce Core's shared IP addresses are inherently problematic, likening them to a dumpster fire due to potential reputation damage from other users.
• Beyond technical fixes: If SPF and DKIM are correctly configured but issues persist, marketers often conclude the problem is reputation-related, not technical, indicating broader sender behavior problems.
• Impact of sending practices: The type of mail being sent (e.g., opt-in versus cold prospecting) is frequently highlighted as a critical factor influencing deliverability, regardless of the platform.
• Consideration of alternative platforms: Some marketers suggest moving to other sending services, like Pardot or dedicated email service providers (ESPs), to gain more control over email reputation and avoid the pitfalls of shared Salesforce IPs.

Key considerations

• Prioritize list hygiene and opt-in: Regardless of the sending platform, maintaining clean, opt-in lists and strong form security is paramount for good deliverability. Learn how to boost your email deliverability rates.
• Evaluate Salesforce offerings: Consider if Salesforce Marketing Cloud (SFMC) or Pardot offers a better fit for your email volume and strategic needs, as they often have more robust deliverability teams than Salesforce Core (SFDC).
• Explore external sending services: If internal filtering or Salesforce's shared infrastructure remains an issue, integrating Salesforce with a third-party email service provider for sending can mitigate problems. Barracuda Campus offers insights on how to use content filters to allow Salesforce emails and avoid blocking.
• Monitor deliverability metrics: Regularly review bounce rates, complaint rates, and inbox placement to detect issues early. Using a free online email testing tool can provide valuable insights.

Key opinions

• Reputation is key: Experts emphasize that if technical configurations like SPF and DKIM don't resolve blocking, the issue is almost certainly related to sender reputation, whether individual or shared IP-based.
• Salesforce Core's IP status: The shared IP infrastructure of Salesforce Core is widely considered problematic, often affecting deliverability due to the actions of other senders.
• Decline in Salesforce's reputation: Some experts observe that Salesforce may be experiencing more delivery problems due to a perceived increase in allowing purchased or non-opt-in lists and reduced action against platform spamming.
• Abuse handling concerns: There are strong opinions that Salesforce's abuse handling practices have been inadequate for years, contributing to persistent deliverability challenges for its users.

Key considerations

• Focus on sender reputation: Even when using a platform like Salesforce, an expert approach involves diligent list hygiene, compliance, and consistent monitoring of how long it takes to recover domain reputation.
• Understand the impact of shared IPs: For senders using shared IPs, it is crucial to recognize that their deliverability can be impacted by others' behavior. Consider this when choosing a sending strategy within Salesforce.
• Implement DMARC for visibility: Experts often recommend implementing DMARC with reporting (p=none) to gain insights into email authentication results and potential spoofing, which can indirectly affect reputation. Use a free DMARC record generator tool to get started.
• Stay informed on platform changes: Keep up-to-date with any changes in Salesforce's deliverability stance, certifications, or abuse handling, as these can directly affect email performance. Word to the Wise provides insights into reputation management for email senders.

Key findings

• Authentication is foundational: Salesforce documentation consistently recommends configuring SPF, DKIM, and DMARC to authenticate outbound emails and improve deliverability.
• External filtering impact: Emails sent from Salesforce are subject to the inbound filtering policies of recipients' email gateways, necessitating proper content filters to allow them through.
• Email relay as a solution: For enhanced control and deliverability, especially for transactional emails or integrating with specific mail servers (e.g., Office 365), configuring email relay is a documented solution.
• Importance of internal policies: Internal email security settings and spam controls within an organization can inadvertently block legitimate Salesforce emails, requiring specific configurations to avoid this.

Key considerations

• Verify authentication records: Ensure your SPF and DKIM records are correctly published and aligned with Salesforce sending domains. Missing or misconfigured records can lead to immediate blocking. Review a simple guide to DMARC, SPF, and DKIM.
• Configure email relay if needed: For specific deliverability needs or integration with existing email infrastructure (e.g., Microsoft 365), set up Salesforce email relay to send through your own mail servers, which can enhance control and trustworthiness. This is crucial for resolving Microsoft domain deliverability issues from Salesforce.
• Adjust internal email gateway settings: For internal recipients, ensure that your organization's email gateway defense or content filtering policies are configured to allow emails originating from Salesforce IPs or domains, as they may be initially flagged as external.
• Regularly review Salesforce deliverability tips: Stay updated with Salesforce's official guidance on email deliverability, which often includes best practices and changes in their sending environment to mitigate blocking issues. Forvis Mazars provides helpful Salesforce email deliverability tips.