Salesforce邮件发进垃圾邮箱或未收到SF邮件处理方式 (DKIM - New CNAME Version)

前言】:在实施CRM项目时,经常会听到客户反馈诸如重置密码邮件没收到 / 进入到垃圾邮箱的问题,通常这对于我们开发人员来说很难协调客户一起去重现并点对点的解决这个问题,因此对于这类常见问题,通过广泛的调研与有效的实践后,本文将力图结合在Sales Cloud和Marketing Cloud以及Pardot等与Email相关问题给出可行的建议。

为什么会出现这种问题】:

在商业活动中邮件的目的大致分为以下三类:
a. 系统通知类,如重置密码,关单通知等;
b. 事务类,如发票邮件;
c. 商业推广类,如打折促销;

为了避免商业邮件乱象,市场监管者对邮件供应商提出了要求,用以避免消费者因收到诸如网络钓鱼,虚假欺诈等相关信息而造成潜在的财务损失,因此主要厂商通常会以下面方式做出响应:
a. 除平台特有的过滤规则外,允许用户自定义过滤规则(如a.com的拒收)及垃圾邮件的处理机制,如进入垃圾箱设定立即删除操作;
b. 通过IP来过滤邮件内容;

另外还涉及到防火墙设置等诸多企业安全因素。

因此当客户反馈未收到邮件,确实很难厘清是那个节点的问题,自然很难对症下药。

常见的解决方案】:

不过我们依然可以在可操作范围实施下面几点建议:

#1. 结合pardot等常用的市场营销工具,subject line避免使用特殊词汇(如:"alert", "notification", "approved" or "dollar signs")或大写subject line
#2. 导航到Setup >> Administer >> Email Administration >> Deliverability并同时勾选"Enable compliance with standard email security mechanisms"和"Enable Sender ID compliance"两个选项,如下图:

#3. 告知被拒邮件所属公司的邮箱管理员或IT部门检查企业邮箱相关设置(如有无特别过滤规则)或添加IP白名单
#4. 使用Email Relays[邮件中继],该过程由下面这个例子阐述再好不过:

假如我有两个邮箱,A: qq企业邮箱,和B: 公司outlook邮箱;由于在周末没有查邮箱习惯,经常会遗漏公司或客户的重要消息,这时如果能将B邮箱信息通过邮箱设置中的中转站中继到A中,这样我就可以很方便的在微信上接收通知了。相信很多人有配置邮件中转的经历,只是当第一次因垃圾邮箱查阅资料看到Email Relays就稍感陌生了。说白了,这个过程就是集成互联两个应用,在B中授权(开访问权限),在A中设定协议及B的账密信息。

#5. 搭建DKIM

a. 为什么要在SF中搭建SPF和DKIM?

When you have an external email sender, like Salesforce, send emails from email addresses that have your domain name it’s important to setup SPF and DKIM. Otherwise, the person receiving the message will have the email flagged for possible spoofing in their inbox. How this looks will vary depending on the person receiving it. Some corporate email servers automatically delete incoming emails that appear to be spoofing while others send them to the spam folder.

b. 如何配置DKIM?

  1. Navigate to the Salesforce Setup menu and type in DKIM in the quick find. Click DKIM Keys.
  2. Click Create New Key.
  3. Choose your key size. For selector enter salesforce. For alternative selector enter sfdc. For domain enter your domain name, in my case, paulbfischer.com. For domain match, choose what makes sense. I only plan on sending from email addresses with @paulbfischer.com so I’ll choose exact match. If you have email address with sub domains such as @salesforce.paulbfischer.com then you would choose exact domain and subdomains. Click save.
  4. It will take a minute for Salesforce to do its thing, and generate some CNAME entries that you need to setup.
  5. Give the page a refresh and you should see something like the image below.

    Note: this is the new way that Salesforce does DKIM. It does not generate long strings for public and private keys like it previously did.
  6. Next, let’s navigate to our domain name server (DNS) and go to the cpanel. In our example, I’ll being using NameCheap.com, but you can use GoDaddy or wherever you have your domain hosted.

  7. Before, we jump back to setup DKIM, let’s quickly configure SPF. In your zone editor for your domain look for an existing TXT record that has a v=spf1 statement. If it you don’t have one create one. If there’s an existing one edit it. Add include:_spf.salesforce.com to the spf statement.

  8. Now that we have SPF configured we’ll configure DKIM. After all, we don’t want any Salesforce org to be authorized to send emails from our domain, just our specific Saleforce org. Navigate back to Salesforce to the DKIM Key record. Copy the first part of the CNAME record line prior to “IN CNAME”. Now, switch to your DNS and paste it in to the first row entry for your CNAME.

    Go back to Salesforce and copy the 2nd part of the CNAME line–everything after “IN CNAME”. Then switch back to your DNS and paste it in and click save.

  9. Next, you have to wait. Your DNS needs to propagate these changes. When it does you’ll notice the “Activate” button on the DKIM record is no longer greyed out! Click it!

    We’re now all set. Let’s send a test email to ensure that emails we send out of Salesforce don’t get tagged for spoofing.

c. 实务中的交互流程

回到前言中的背景介绍,我们通过Sales Cloud为客户搭建的Email通知系统,我们测试时能收到通知邮件,但客户始终未曾收过,因此我们在SF中创建了DKIM记录,并将CNAME信息给到客户发布至DNS,一旦SF识别到发布在DNS的正确的CNAME后,Activate按钮由灰变成可访问。我们激活后,客户收不到SF发送的Email问题就被解决了。

问题复现的思路与最佳实践】:

由于前不久在spring 21的最新org上尝试flow新功能,刚好含Deletion特殊字眼的通知类邮件被发进垃圾邮箱了,因此意识到这是个用于实验的最佳契机。
Flow的功能为:当用户删除Closed Lost的Opportunity时,发邮件提醒Owner;

根据#1,2的建议尝试后,发现未奏效。
毕竟#1是Marketing Cloud和Pardot产品通用的考虑点,对于Sales Cloud没奏效情有可原,另外我们平时定义邮件模板时Subject中经常出现Notification字眼,在测试中也未见进入垃圾邮箱;
当然#2虽然不明觉厉,测试起来也很方便,于邮件接收者而言在视觉层面不会看到提到的ID字眼(这点是测试想要额外关注的功能表现);

对于#3,和官方态度一样,并不建议将SF用于Email Service的所有IP添加进白名单,我们不妨以收不到邮件或进入垃圾箱的Email地址在Test Deliverability中用受影响的用户邮箱进行IP测试,来获取需要添加哪些IP地址

 

值得注意的是,虽然当前org的locale设定是中国内地,但是IP地址并非在亚太区的IP范围;另外,虽然测试提示将发16封,第二次测试时,较第一次还是有差别,如下图:

特别注意】

由于Salesforce发送邮件的邮件服务器所在的IP地址随着服务请求量的增多会是不是的追加新IP地址,因此不保证一次性添加终生有效

参考链接】:

Test the Deliverability of Emails Sent Through Salesforce
SPAM, security configuration and problems when you send emails from Salesforce
Ensure you can receive email from the Salesforce application
Salesforce IP Addresses and Domains to Allow
Prevent Salesforce Emails from ending up in Spam Folder
Salesforce Email Relay: Prevent Your Emails Going to Spam
Tip of the Week – Avoid sending your Salesforce emails straight to spam
How to Setup Salesforce SPF and DKIM (New CNAME Version)
Best practices to setup DKIM

相关推荐
©️2020 CSDN 皮肤主题: 编程工作室 设计师:CSDN官方博客 返回首页