Getting in the door at The Inbox

Community Manager
Community Manager

When I explain things, I like to do so using analogies.  Here is the one I like to use when people ask me how they can improve their deliverability.


So, imagine there's this hot new nightclub in town called The Inbox, and you really want to get in.  If you want to get past the doorman, you are going to need to be well-dressed, well-known and liked, you can't have a history of getting thrown out of bars for bad behavior, and you need a valid ID.  In deliverability terms, it breaks out like this:


  • Well-dressed - This is your content.  You don't want it looking spammy, so make sure your content and design are on point.
  • Well-known - This is your reputation.  Do people open and click on your emails?  Great!  People like you!  If your emails go straight to the trash over and over, however, this isn't good for your reputation, so it's best to focus your efforts on leads who opt in and interact with your content.
  • Don't get thrown out of the bar - Don't hit spam traps, stay off blacklists.  If you have a history of hitting spam traps, you'll get a rep as a troublemaker and they will stop letting you in.
  • Valid ID - This is your SPF and your DKIM.  You should have both set up because a lot of people won't let you in without it.


There's one more thing to consider - getting on The List.  You know how people cut to the front of the line and tell the doorman, "I'm on the list," and they get right in?  That's the whitelist.  Whenever possible, get your important customers to whitelist you.  If you have a dedicated IP, this is pretty easy.  If you are on the shared IP, this can be a little trickier.  Sometimes customers push back and are unwilling to whitelist all of the Marketo network. Fair enough.  In that case, it may be possible for a customer to whitelist something other than Marketo IPs to ensure delivery of Marketo email only from a specific instance.  For this we recommend using regex version of the Return Path header.  Because this header changes dynamically this regex creates wildcards where the dynamic information is.   Because the Return Path is specific to the Marketo instance, if you would like to use this option, contact Marketo Support and we can provide you with the regex Return Path header for your instance.

Is this article helpful ?


Not applicable

I love this analogy. Also, thank you for suggestion of regex return path header. I will be looking into this more.

P.S. This should be a blog

Not applicable

We need more articles like this. In my experience, customer email operations are often fiercely tactical and overworked. They often think using an automated blacklist is a panacea. I'm going to try offering them the RegEx Return Path even though I suspect many customer email operations won't have much experience with it. While I'm pretty familiar with RegEx, I'm not as versed when it comes to configuring a whitelist.

Hi Roxann,

Can you be a little more specific on whitelisting the regex return path ? What does it look like ? Will this approach work for every email system, including the oldest ones (we still see large companies using the good old IBM or Lotus Notes )?

Also, you write that it is instance specific, yet the doc says that we juts need to white list * So how is this different?

Thx in advance,


Community Manager

Hello Gregoire,

The regex return-path would be an alternative to the blanket listing of ',' which is generic and whitelists all of Marketo rather than specific instances.  The regex return-path header would look like this, though the domain would change based on the datacenter that hosts your instance:


Since this header changes dynamically for each email sent, this regex creates wildcards ((\d+.)*\d+) where the dynamic information is, and your munchkin ID makes it specific to your instance.  Support would provide you with the correct datacenter domain for your instance.

Community Manager

And yes, I believe this would work for older email systems as well as current ones.  I've not yet come across a situation where they were unable to use the regex header due to old technology.

Thx a lot :!

Level 10 - Community Moderator

Greg (and Roxann) remember that if your subscription uses a branded sender domain, then the envelope sender is not @* but rather at @ a sub/domain you provide.

Level 10 - Community Moderator

And yes, I believe this would work for older email systems as well as current ones. I've not yet come across a situation where they were unable to use the regex header due to old technology.

There are current systems that don't support whitelisting via regex.  Comodo Antispam Gateway is one.

Hi Sanford,

Thx, I had gotten this point