2 of 2 people found this helpful
Whitelisting by DKIM signature is another account-specific method (and what I recommend above all else when it's available).
thanks Sanford -- I found your recommendation in another thread (now that I had better keywords to search) and found your recommendation for
Ask them to whitelist DKIM-signed email From: your domain with the selector "m1" (m1._domainkey.example.com).
I'll see if that works.
I wish I had seen this sooner, I apologize the deliverability person you spoke to couldn't answer your question. This is lifted from an internal doc I developed to help our customers in just this situation. We either recommend the DKIM method that Sanford recommended or we recommend whitelisting the SMTP Mail From or envelope_from address.
This is typically something we present to customers who reach out to Support with this question since it requures you know which Marketo datacenter you are sending out of.
Whitelisting without using IPs
Sometimes customers push back and are unwilling to whitelist all of the Marketo network. It may be possible for a customer to whitelist something other than Marketo IPs to ensure delivery of their own email to their corporate network.
For this we recommend using regex version of the Return Path header. Because this header changes dynamically this regex creates wildcards where the dynamic information is.
Regex for whitelisting Return Path header by datacenter:
San Jose datacenter - "munchkin_id.(\d+.)*\firstname.lastname@example.org"
London datacenter - "munchkin_id.(\d+.)*\email@example.com"
Ashburn datacenter - "munchkin_id.(\d+.)*\firstname.lastname@example.org"
Sydney datacenter - "munchkin_id.(\d+.)*\email@example.com"
Director, Email Delivery & Compliance, Marketo, Inc.