I have a customer that has blocked Marketo's IP addresses (very strict guidelines, per their industry). They wanted to get our emails, but could really only do it from the IP level -- but if they whitelist our range of IPs, then they will get ~1000 other companies that share the server. It's not worth getting a dedicated ip for just one customer... I found some sort of regex whitelist, but they said they can't do regex whitelisting. Is there really no other alternative? I even met with the deliverability people from Marketo at Summit and they seemed to not have seen this much before -- which baffles me. Nation, help me -- tell me what's up!?
Whitelisting by DKIM signature is another account-specific method (and what I recommend above all else when it's available).
thanks Sanford Whiteman -- I found your recommendation in another thread (now that I had better keywords to search) and found your recommendation for
Ask them to whitelist DKIM-signed email From: your domain with the selector "m1" (m1._domainkey.example.com).
I'll see if that works.
I wish I had seen this sooner, I apologize the deliverability person you spoke to couldn't answer your question. This is lifted from an internal doc I developed to help our customers in just this situation. We either recommend the DKIM method that Sanford recommended or we recommend whitelisting the SMTP Mail From or envelope_from address.
This is typically something we present to customers who reach out to Support with this question since it requures you know which Marketo datacenter you are sending out of.
Sometimes customers push back and are unwilling to whitelist all of the Marketo network. It may be possible for a customer to whitelist something other than Marketo IPs to ensure delivery of their own email to their corporate network.
For this we recommend using regex version of the Return Path header. Because this header changes dynamically this regex creates wildcards where the dynamic information is.
Regex for whitelisting Return Path header by datacenter:
San Jose datacenter - "munchkin_id.(\d+.)*\email@example.com"
London datacenter - "munchkin_id.(\d+.)*\firstname.lastname@example.org"
Ashburn datacenter - "munchkin_id.(\d+.)*\email@example.com"
Sydney datacenter - "munchkin_id.(\d+.)*\firstname.lastname@example.org"
Director, Email Delivery & Compliance, Marketo, Inc.
This is lifted from an internal doc I developed to help our customers in just this situation.
Kiersti Esparza - any chance you're willing/able to share this internal doc with me and/or the community?
I'm trying to connect my IT colleagues with all the pertinent details here so we can create instructions to share with companies that want our emails to reach their recipients.