Best practices for email deliverability to government and .mil accounts.

Key findings

• Security priority: Government and military email systems prioritize security above all else. This often means default policies that break links, block images, and aggressively filter out what they perceive as commercial or unsolicited bulk email.
• DOD policy: The Department of Defense (DoD) has strict policies, including a general stance against communicating with non-.mil domains, making deliverability to military accounts particularly difficult, often impossible for bulk marketing.
• Outlook vs. Marketing Emails: Sales representatives sometimes believe direct Outlook emails have better success than marketing platform emails, but even one-to-one emails from non-.mil domains can violate policies and be blocked.
• Reputation scores: Many .gov domains use reputation systems like Talos Intelligence (formerly SenderBase) and may only accept mail from senders with very high scores (e.g., over 80/100), even if a sender is generally considered "Good" by the system itself. Maintaining a strong sender reputation is critical.
• Plain text preference: High-level government agencies often prefer or only render plain text emails due to the security risks associated with HTML content, including images and interactive elements.

Key considerations

• Policy awareness: Understand that you may not be able to overcome certain government or military policies, such as the DoD's general reluctance to receive emails from non-.mil domains or their tendency to break links.
• Content simplicity: Focus on plain text emails for critical communications. Avoid complex HTML, embedded images, and excessive linking, as these elements are often stripped or flagged by government spam filters. If you must use images, learn how to protect their deliverability.
• Authentication standards: Ensure your email authentication protocols (SPF, DKIM, DMARC) are perfectly configured. Government domains are highly sensitive to these, and misconfigurations can lead to immediate blocking. Learn more about DMARC, SPF, and DKIM.
• Compliance: Adhere strictly to email regulations like the CAN-SPAM Act and other relevant data privacy laws, as government entities are particularly vigilant about compliance.

Key opinions

• Inherent limitations: Marketers frequently find that some issues, such as broken links in Department of Defense (DoD) emails, are unfixable due to established security policies.
• High filtering: Many report that bulk marketing messages (or any non-person-to-person communication) are almost never successfully delivered to military domains.
• Whack-a-mole: The diverse and often opaque spam policies across various government accounts make it challenging to develop a consistent strategy, leading to a feeling of constantly addressing new problems.
• Sales rep misunderstanding: There's a common misconception among sales teams that sending emails from personal Outlook accounts circumvents these filters, which is generally not true for bulk or even one-to-one communications that violate policy.
• Transactional email concerns: Marketers question whether even essential transactional emails, like statements or payment confirmations, can reliably reach .mil addresses given the strict policies.

Key considerations

• List segmentation: Consider segmenting your audience and potentially suppressing all .mil emails from marketing lists, as many ESPs have historically done due to severe blocking and even legal requests. This might also involve avoiding certain email domains.
• Alternative communication: Explore alternative communication channels for reaching government and military contacts, as email may not be a reliable primary method for marketing or general outreach.
• Content adaptation: If email is essential, adapt your content to be extremely basic: plain text, no images, and no embedded links. Focus on delivering information directly rather than engaging through interactive elements. This can also help you prevent emails from going to spam.
• Manage expectations: Set realistic expectations for deliverability and engagement metrics when targeting these highly secure domains. Traditional email marketing KPIs may not apply.

Key opinions

• Near-zero deliverability for bulk: An expert with experience in the Air Force Reserves states that bulk marketing messages will almost never reach a .mil inbox, due to specific DoD policies against communicating with non-.mil domains.
• Mandatory suppression: A former ESP employee confirms that their organization proactively suppressed all .mil accounts, even citing a direct request from military legal and enforcement personnel for them to do so.
• High reputation threshold: Many .gov domains rely on systems like Talos Intelligence (formerly SenderBase) and set extremely high minimum reputation scores (e.g., 80/100) for incoming mail, meaning even a generally "Good" reputation might not be sufficient.
• IT gatekeepers: Even when an individual actively tries to allow non-.mil emails, the primary control rests with the government IT team managing the domain space, which heavily filters incoming mail.
• HTML rendering issues: Experts advise sending only plain text emails, as most high-level government agencies will not render any HTML due to inherent security risks.

Key considerations

• Prioritize security: When sending to .gov or .mil, assume the highest level of security and filtering. This implies that standard marketing tactics like tracking pixels, rich HTML, and embedded links may be ineffective or actively blocked.
• Domain reputation: Ensure your sending domain and IP addresses maintain an exceptionally high reputation. Continuously monitor your sender score, as even minor dips can lead to blocklisting. Regular blocklist checking is advised.
• Strict authentication: Verify that your SPF, DKIM, and DMARC records are impeccably set up and aligned. Government servers are very strict about email authentication, and failure can lead to rejection. Consider DMARC monitoring to ensure compliance.
• Engagement strategies: If you must send, focus on highly targeted, highly personalized emails rather than broad campaigns. Even then, expect significantly lower engagement metrics and prepare for manual follow-up via other channels.

Key findings

• Domain trust: Federal government websites explicitly state that .gov or .mil domains signify official government sites, implying a higher level of trust and security compared to commercial domains, and caution against sharing sensitive information on non-.gov/.mil sites. This translates to an inherent distrust of outside emails.
• Spam filtering tools: Government advice to consumers often includes using email filters and blocking unwanted senders, indicating that robust filtering is a common and encouraged practice within government systems themselves.
• Security protocols: Programs like the Bomb-Making Materials Awareness Program (BMAP) by CISA underscore a government-wide focus on restricting access to sensitive information and mitigating risks, which extends to aggressive email security.
• Compliance frameworks: Regulations like the CAN-SPAM Act set baseline rules for commercial email but government entities often layer additional, stricter internal policies that exceed these minimums due to national security and data integrity concerns.

Key considerations

• Official domain checks: Government websites like Farmers.gov clearly state that .gov or .mil domains signify official government sites. This implies that emails from non-.gov or non-.mil domains are inherently viewed with higher scrutiny, contributing to filtering.
• Risk aversion: Government entities operate on a principle of extreme risk aversion regarding cybersecurity. Any email from an unknown or potentially untrusted source is likely to be heavily scrutinized or blocked entirely, especially if it contains common vectors for attacks like links or rich HTML.
• Adherence to standards: Ensure your email sending infrastructure adheres to the latest and most stringent email authentication standards (SPF, DKIM, DMARC). While this won't guarantee delivery, it's a fundamental requirement for being considered legitimate by these secure networks. For more general advice, consult essential tools and practices for email deliverability.
• Information delivery methods: For critical information, documentation implicitly suggests alternative, more secure methods for sharing sensitive information online, such as ensuring you are on a .gov or .mil site. This highlights that email is not always the preferred or most reliable channel for official communications.