When I logged into the Marketo instance of one of my clients today a message popped up that said something about the need to make changes soon (the pop-up disappeared when I clicked for details - sorry to be so vague). The details page led to this page and I'm confused about what we may or may not have to do and would appreciate clarifiication:
Configure Protocols for Marketo Engage
https://experienceleague.adobe.com/docs/marketo/using/getting-started-with-marketo/setup/configure-p...
As far as I can see, we are already set with regard to Steps 1-3. These things were configured years ago when we initially launched Marketo. I have never seen a Marketo instance that didn't have a CNAME configured for use in landing page URLs, so that the landing pages appear in URLs that reflect the company's domain and not Marketo - though I gather from all the announcements that such instances exist.
Is there anything I should be double-checking with regard to Steps 1-3?
Where I could particularly use advice is with regard to Step 4 - Set Up DMARC. I am unfamiliar with DMARC. Is it strongly recommended that we set this up? If so, which of the two types of alignment for DMARC should we use - DKIM alignment or SPF alignment? How would we decide? I'm struggling to understand this.
Thanks for any insights!
Solved! Go to Solution.
I have never seen a Marketo instance that didn't have a CNAME configured for use in landing page URLs, so that the landing pages appear in URLs that reflect the company's domain and not Marketo - though I gather from all the announcements that such instances exist.
Yes, it happens. Most often with sandboxes in my experience, where branding isn’t so important.
Where I could particularly use advice is with regard to Step 4 - Set Up DMARC. I am unfamiliar with DMARC. Is it strongly recommended that we set this up? If so, which of the two types of alignment for DMARC should we use - DKIM alignment or SPF alignment? How would we decide? I'm struggling to understand this.
A standard shared Marketo instance cannot use SPF alignment.
You can always use DKIM alignment.
Even in cases where you could hypothetically use SPF alignment — because you have a branded envelope sender and could use the same domain in the From: header — just concentrate on DKIM. DMARC only requires one or the other.
I have never seen a Marketo instance that didn't have a CNAME configured for use in landing page URLs, so that the landing pages appear in URLs that reflect the company's domain and not Marketo - though I gather from all the announcements that such instances exist.
Yes, it happens. Most often with sandboxes in my experience, where branding isn’t so important.
Where I could particularly use advice is with regard to Step 4 - Set Up DMARC. I am unfamiliar with DMARC. Is it strongly recommended that we set this up? If so, which of the two types of alignment for DMARC should we use - DKIM alignment or SPF alignment? How would we decide? I'm struggling to understand this.
A standard shared Marketo instance cannot use SPF alignment.
You can always use DKIM alignment.
Even in cases where you could hypothetically use SPF alignment — because you have a branded envelope sender and could use the same domain in the From: header — just concentrate on DKIM. DMARC only requires one or the other.
Thank you, @SanfordWhiteman!
Regarding DMARC - do you strongly recommend we implement this? I honestly don't fully grasp what it is and am trying to figure out if I should recommend it to my client(s). What do you think?
Okay. Thank you!
This pop up is actually referring to allowlisting Adobe domains to continue being able to access Marketo. The system is detecting they have one or more of these domains blocked. If they don't allowlist these domains, Marketo may not be able to load in their browser.
If you or your organization use restrictive firewall or proxy server settings, you or your network administrator may need to allowlist certain domains and IP address ranges to ensure Adobe Marketo Engage works as expected.
For help implementing the protocols below, please share this article with your IT department. If they restrict web access using an allowlist, make sure they add the following domains (including the asterisk) to allow all Marketo resources and websockets:
*.marketo.com
*.marketodesigner.com
*.mktoweb.com
*.experience.adobe.com
*.adobe.net