Day: May 28, 2024 | The Blog Pros

May 28, 2024

Do Your Emails Comply With Google & Yahoo’s New Email Sending Requirements?

In February 2024, Gmail and Yahoo Mail began enforcing new rules to protect email recipients and help keep their inboxes safer and less spammy.

These rules require all email senders to adhere to specific guidelines to ensure email deliverability.

This comprehensive guide explains what these new requirements are and how they affect your business.

We’ll cover:

Google & Yahoo’s New Email Sending Requirements

In October 2023, Gmail’s Security & Trust Group Product Manager Neil Kumaran announced on Google’s blog that from February 2024 email senders would need to authenticate their emails, allow for easy unsubscription (bulk senders), and stay under a reported spam threshold in order for their emails to be delivered to Gmail addresses.

As these requirements are now in effect, ignoring them will see your mail being automatically rejected or sent to the recipient’s spam folder.

According to Neil, although Gmail’s detection tools prevent 99.9% of spam, phishing and malware from reaching inboxes and block almost 15 billion unwanted emails every day, the service is now facing ever more complex threats than it did since the service launched in April of 2004.

As Neil states on Google’s blog…

“As basic as it sounds, it’s still sometimes impossible to verify who an email is from given the web of antiquated and inconsistent systems on the internet.”

The new email sending requirements are designed to help users keep their inbox safer and more spam-free.

This initiative to combat fraudulent or spammy email by placing more stringent requirements on email senders is not coming solely from Google, however. Industry partners like Yahoo have also joined in to work alongside Google and the rest of the email community to make these new requirements industry standard and a basic email hygiene practice.

Yahoo’s email sender best practices contains similar recommendations to Google’s and includes a link to a a comprehensive guide on Senders Best Common Practices from the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG), an organization committed to helping industries fight and prevent online abuse.

This document is aimed at anyone involved in the delivery and compliance of electronic communications, including marketing and management personnel. It is worth downloading and covers the latest and most effective recommended practices for sending commercial electronic messages.

So, what are these new requirements and how do they affect your business?

Essentially, the main requirements can be summarized as follows:

Your spam complaint rate needs to be under 0.3%.
Authentication using SPF, DKIM, and DMARC (Bulk email senders) is now required.
You must have a one-click unsubscribe option and remove people requesting to be unsubscribed from your list within 1-2 days (Bulk email senders).

Additional requirements for all email senders include:

Ensuring that sending domains or IPs have valid forward and reverse DNS records, also referred to as PTR records.
Use a TLS connection for transmitting email.
Format messages according to the Internet Message Format standard, RFC 5322

There are additional requirements for bulk email senders.

You can read Neil Kumaran’s post here and check out Google’s email sender guidelines and Yahoo’s email sender best practices to learn how to successfully send emails to personal Gmail and YahooMail accounts.

Understanding SPF, DKIM, and DMARC

Implementing SPF, DKIM, and DMARC protocols enhances email deliverability, safeguards sender reputation, and ensures that emails reach recipients’ inboxes securely.

If you are not familiar with SPF, DKIM, and DMARC, here’s an overview:

SPF

SPF (Sender Policy Framework) is a protocol that verifies sender authenticity by checking if an email originated from an authorized server.

It ensures the legitimacy of email senders by validating a sender’s identity through cross-referencing the IP address of the sending mail server with a predetermined list of authorized sending IP addresses contained within the DNS record.

SPF Record Process — SPF authentication process.

DNS records essentially act as a directory that maps domain names to their respective IP addresses and can include instructions on handling requests directed towards that domain.

By verifying the authenticity of the sender’s identity against authorized sending IP addresses listed in the DNS record for a domain, SPF helps to prevent email spoofing and enhanced deliverability by reducing the likelihood of emails being blacklisted or marked as spam.

Here are the steps involved in creating an SPF record for email authentication:

1. Gather Information: Collect the IP addresses of all servers authorized to send emails on behalf of your domain. This includes your own mail servers, third-party email service providers, and any other servers used for sending emails.

2. Identify Sending Domains: Make a list of all domains used to send emails, even if not currently active. This prevents domain spoofing attempts.

3. Create SPF Record Syntax:

- Start with the version tag: v=spf1
- Add authorized IP addresses: e.g. ip4:192.0.2.0
- Include third-party senders: include:thirdparty.com
- Specify SPF policy: -all (hard fail) or ~all (soft fail).

After following the above steps, your SPF record should look like the example shown below:

v=spf1 ip4:192.0.2.0 include:thirdparty.com -all

Note: SPF records should be under 255 characters and limited to no more than ten include statements.

4. Publish SPF Record to DNS: Access your DNS management console provided by your domain registrar or hosting provider, add a new TXT record with your domain’s hostname and the SPF record syntax, and save the changes.

5. Test SPF Record: Use SPF check tools (e.g. EasyDMARC’s SPF Record Checker) to check if the SPF record is present or not and ensure that all legitimate sending IP addresses are listed and correctly formatted.

DKIM

DKIM (DomainKeys Identified Mail) is an email authentication method that adds a digital signature to outgoing emails.

This signature is validated by the recipient’s mail server, ensuring the email’s integrity and authenticity. DKIM prevents email tampering and strengthens email deliverability by reducing the chance of emails being flagged as spam or phishing.

Diagram illustrating how DKIM works — DKIM verification process.

DKIM is like a digital signature for emails, a way for the sender (you) to prove they really sent the email and that it hasn’t been changed by anyone in between.

A DKIM Signature Header typically includes several elements represented by tag=value pairs.

Here’s an example that illustrates the essential components necessary for email authentication through DKIM:

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com; s=dkim1; h=From:To:Subject:Date; bh=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX; b=YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY

Explanation of each element:

v=1: Version of the DKIM specification being used.
a=rsa-sha256: The cryptographic algorithm used to generate the signature.
c=relaxed/relaxed: Canonicalization methods used for the header and body of the email.
d=example.com: The domain that owns the DKIM key pair.
s=dkim1: The DKIM selector, which indicates the specific key used for signing.
h=From:To:Subject:Date: List of header fields included in the signature.
bh=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX: The hash of the body of the email.
b=YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY: The actual digital signature generated using the private key associated with the selector.

Here are the steps involved in creating a DKIM record:

1. Generate DKIM Keys: Use a DKIM key generator tool provided by your email service provider or a third-party service (see list below). This generates a public and private key pair.

2. Publish Public Key to DNS:

- Log in to your DNS management console provided by your domain registrar or hosting provider.
- Navigate to the DNS settings for your domain.
- Add a new TXT record with the DKIM selector as the subdomain name and the public key as the record value. The selector is usually provided by your email service provider and is specific to your DKIM configuration.

Example DKIM record:

selector._domainkey.example.com. IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2h9gFo3... (long string)"

3. Verify DKIM Record: After adding the DKIM record, verify its correctness using DNS lookup tools and ensure that the TXT record contains the correct DKIM selector and public key.

4. Test DKIM: Send test emails from your domain and verify that they pass DKIM authentication checks using email authentication testing tools.

Here are some tools you can use to generate DKIM keys:

DMARC

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a protocol that helps protect email domains from being used for phishing, spoofing, and other malicious activities, and builds on SPF and DKIM to provide additional email authentication and reporting capabilities.

DMARC helps to make sure that the emails you send are really from you. If someone tries to fake your email address, DMARC helps block those phony messages from reaching others, keeping your email reputation safe and sound.

DMARC:

Improves email deliverability by allowing senders to monitor and enforce email authentication policies.
Allows domain owners to specify a handling policy for emails that fail SPF and DKIM checks, enhancing transparency and security, and reducing spoofing and phishing attempts.
Allows domain owners to receive alerts when unauthorized parties misuse the domain for email spoofing, protecting their brand’s reputation.

To pass DMARC’s criteria, SPF and DKIM must be properly configured for the email’s From domain. The From domain must then match the authenticated domain by SPF or DKIM.

How to implement DMARC

1. Define DMARC Policy: Decide on the DMARC policy you want to enforce. DMARC offers 3 policy options:

- None: Monitoring mode only, no actions are taken if an email fails DMARC.
- Quarantine: Suspicious emails are sent to the spam/junk folder.
- Reject: Suspicious emails are rejected outright.

2. Generate DMARC Record: Create a DMARC TXT record with your chosen policy. Use the following syntax:

_dmarc.example.com. IN TXT "v=DMARC1; p=none; rua=mailto:your@email.com; ruf=mailto:your@email.com"

- Replace example.com with your domain.
- v=DMARC1: Indicates the DMARC version.
- p=none/quarantine/reject: Defines the policy.
- rua: Specifies the email address to receive aggregate reports.
- ruf: Specifies the email address to receive forensic reports.

3. Publish DMARC Record to DNS: Log in to your DNS provider’s dashboard.

- Navigate to your domain’s DNS management section.
- Add a new TXT record with the host _dmarc and the value as the DMARC record you generated.

4. Verify DMARC Record: Use DNS lookup tools to ensure the DMARC record is correctly published and propagated.

5. Monitor Reports: Regularly check the aggregate and forensic reports sent to the email addresses specified in the DMARC record. These reports provide insights into email authentication failures and help fine-tune your DMARC policy.

Notes:

Be very careful when creating a DMARC record, as any misconfiguration will negatively impact your email delivery. We recommend following these guidelines from Google when starting out with DMARC.
Make sure that SPF and DKIM are authenticating emails for at least 48 hours BEFORE enabling DMARC.

Here are some free tools you can use to create, verify and validate DMARC records:

DMARC Tools by dmarcian.
DMARC Record Lookup and Checker by EasyDMARC
DMARC Digests – If you set up a DMARC reporting address, using your personal or business address is not recommended, as your inbox will be flooded with unintelligible emails. Instead, consider signing up for a DMARC reporting tool to ensure that you have properly authenticated all the tools you use to send email.

Email Verification Examples

Now that we have defined what SPF, DKIM, and DMARC mean, let’s look at some actual examples of these protocols in action, so you can better understand why your emails may or may not be reaching their intended recipients.

Emails Not Reaching Recipients

First up, let’s look at an obvious spam email sent to a Gmail address. This will help us understand how Gmail and other email providers automatically filter out junk email.

Here’s an email sent to my personal Gmail address that never even made it to my inbox. Gmail filtered it and sent it directly to my SPAM folder.

Example of SPAM email — Skin Tags? Is this a taxonomy for my physiognomy?

Let’s ignore the fact that this is an obvious spam email and look at the email header to see why Gmail’s automated tools detected and flagged it as spam.

To do this, view the email in your Gmail account (don’t click on any links in the email, of course!), click on the vertical ellipsis icon, and select Show original from the menu options …

Gmail options - Show original — Let’s take a look under the hood of this junk email to see what’s going on…

As you can see, this email did not meet Gmail’s DKIM policy requirements.

Gmail email header - DKIM fail record — DKIM Fail … this poor email never even had a chance of reaching its intended target!

Compliant Emails

For comparison, here’s the header of an email sent to my business Gmail address by a compliant sender. As you can see, this company has met all of Gmail’s requirements for safe email delivery.

Gmail - valid email headers — This sender’s email meets all the requirements to reach my inbox.

Using Verification Tools

As mentioned earlier, there are a number of great tools you can use to check and/or troubleshoot whether your email domain (or the email domain of a client or third-party service) meets the required protocols compliance with email sender guidelines.

Check SPF, DKIM & DMARC

For the examples in this section, we’ll use the free tools from dmarcian.com.

Head on over to dmarcian’s free tools section, and click on their Domain Checker tool…

dmarcian.com free tools - Domain Checker — Use Domain checker to verify the status of an email domain’s SPF, DKIM, and DMARC records.

Enter the email domain name into the field (only the domain, no address@) and click Check Domain …

dmarcian.com = DMARC Domain Checker — Let’s see how compliant WPMU DEV’s emails are.

The tool performs checks similar to those done by mailbox providers like Google, Yahoo, and Microsoft and displays results that show if the email domain’s records meet SPF, DKIM, and DMARC requirements or not.

DMARC Domain Checker results — WPMU DEV complies fully with all email sending guidelines and requirements … but you already knew that, right?

If an email domain fails to meet the checks, you will see a result similar to the one shown below.

DMARC not verified result — Use these tools to troubleshoot email deliverability issues or to confirm if emails are coming from fraudulent senders.

Occasionally, you may get a message similar to the one shown below. The message below infers that your emails meet the check and will still get delivered, but you may want to use the company’s services to ensure full compliance.

Example of a valid DMARC record message with an upgrade pitch.

Here’s one more useful tip to keep in mind if you run a test on your email domains and get a DKIM check result as shown in the screenshot below…

dmarcian Domain Check result - DKIM missing selector — This result FOR A DKIM check shows there’s a missing selector.

In the above check, the tool couldn’t find DKIM records for the email domain because there’s a missing selector. A selector is normally included in the DKIM record when a compliant email is sent.

To find a selector to complete this check, do the following:

Fire up your email account and find an email sent by the domain you are checking. In this example, we’ll use Gmail.
Click on the vertical ellipsis icon, and select Show original from the menu options
Scroll down past the Internet headers section until you get to the jumble of code.
Look for the s= part of the DKIM Signature Header. This is your selector

Example of email header with DKIM signature header selector highlighted. — It’s like looking for a selector needle in an email header haystack!

Copy the selector portion and paste it into the DKIM checking tool, then click the Inspect DKIM button.

DKIM check results with selector added. — Add your selector to the DKIM checking tool and click the button.

That should fix it and get your email to pass the DKIM check.

Example of valid email domain DKIM check — Adding the selector validated the DKIM check … This email meets the requirements!

Click the Details link to view more details about the results.

Valid DKIM Record — This DKIM looks proper and prim!

Check PTR

A DNS pointer record, abbreviated as PTR, serves to link an IP address with its corresponding domain name. Unlike the ‘A’ record, which maps domain names to IP addresses, the PTR record performs the reverse function by associating IP addresses with domain names.

To check that sending domains or IPs have valid forward and reverse DNS records as required, first locate and copy the sending email domain’s IP address in the email header …

Email domain IP address — Here’s the IP address of the domain that sent our example email.

Then paste it into a Reverse DNS lookup tool, like MXToolbox.com to check if the PTR is valid …

MXToolbox.com - Reverse Lookup — Run a reverse lookup on the IP address to check PTR validity.

While the above checks will give you the right information, we also recommend testing your email for spammyness. This will help to ensure optimal deliverability for your emails.

We recommend using a service like Mail Tester (they also have an SPF & DKIM checking tool).

Hopefully, this guide has given you a basic grasp of what SPF, DKIM, and DMARC mean and how to use tools to check the validity of email domains and troubleshoot potential issues.

If you use (or plan to use) WPMU DEV’s Webmail or Email Hosting services, then check out our guide on how to optimize email deliverability using WPMU DEV’s email services.

Best Email Sending Practices

If you plan to do any kind of bulk mailing, here’s an overview of key email sending practices to follow to stay compliant with the new guidelines:

Subscriptions: Only send emails to those who have opted in. If you are a qualified bulk email sender, you can use a free tool like Google’s Postmaster Tools to avoid spam markings and regularly access data and diagnostics about Gmail delivery errors, spam reports, feedback loop, and more to ensure that any complaint rates remain under 0.3% .
Subscription Management: Enable one-click unsubscribe for efficient opt-outs. Allow recipients to review and unsubscribe from specific mailing lists.
Message Formatting: Format emails according to RFC 5322 and HTML standards. Avoid hiding content and ensure clear sender information.
Sending Guidelines: Authenticate emails with SPF and DKIM. Maintain consistent sending IPs and categorize messages. Use a TLS connection for transmitting email.
Avoid Sending Practices: Do not mix content types, impersonate others, or purchase email lists.
Increase Sending Volume Slowly: Gradually increase volume and monitor delivery metrics.
Special Considerations: Ensure compliance with guidelines, especially for third-party providers.
Affiliate Marketing & Phishing Exercises: Regularly monitor affiliates and avoid sending test phishing emails.

For more detailed email sender guidelines, see: Google Help: Email Sender Guidelines

Additional Points & Useful Information

Covering all there is to know about email deliverability is beyond the scope of this article. However, we thought we would include some additional helpful information here to save you hours of research.

Bulk Emailing

Here are some things to keep in mind in you plan to do any bulk emailing:

Spoofed emails count toward the bulk sender limit of 5,000. According to Yahoo, “Spoofed emails will count toward the mail we look at for enforcement. If you have a spoofing problem, you should be implementing a DMARC enforcement policy (p=quarantine or p=reject) regardless.”
Subdomains are also subject to the requirements. Non-compliant emails sent from the subdomain of an organizational level domain that is subject to DMARC verification will be impacted.

Misconceptions about SPF (Sender Policy Framework)

Understanding SPF’s role in email authentication is important, but the protocol also has limitations. Here are some popular misconceptions about SPF:

SPF will fully protect my domain from spoofing: SPF does not entirely protect the sender’s address visible to the user. It verifies the domain’s authorization but doesn’t secure the sender’s address. Use DMARC to protect visible domain names from spoofing.
Implementing SPF is sufficient to prevent all spoofing and phishing attempts: While SPF is a crucial measure, it is not a complete solution against spoofing and phishing. Other email authentication methods (e.g. DMARC) are necessary for comprehensive protection.
Including a company’s SPF record in emails ensures proper authentication: Companies sometimes mistakenly instruct customers to include their SPF record. However, this may not effectively authenticate emails and can lead to misconfigurations.

Misconceptions about DKIM (DomainKeys Identified Mail)

As with SPF, it’s also important to understand the role DKIM plays in getting your emails sent out and delivered, but there are some misconceptions to be aware of:

Encryption Misunderstanding: Contrary to popular belief, DKIM doesn’t encrypt emails. Instead, it focuses on verifying message integrity through hashes under “bh” and “b” tags, providing protection against modification and replay attacks, albeit only partially safeguarding against identity theft and forgery. A successful DKIM verification indicates the sender’s authorization and ensures message content integrity during transit.
Forgery Fallacy: There’s a misconception that DKIM signatures can be forged since their details are publicly available in DNS records. However, DKIM relies on a Public Key Infrastructure (PKI) with a pair of keys – public and private. While the public key is accessible in DNS records, the private key resides securely on the email service provider’s server, ensuring message authenticity. Therefore, DKIM signatures cannot be forged as the private key is kept confidential and solely used for message signing.
Spam Solution Illusion: While DKIM aids in verifying sender authorization and message integrity, it doesn’t provide a definitive solution to spam. While it reduces the likelihood of spammers using forged or stolen email addresses, it doesn’t prevent them from purchasing domains and setting up DKIM records to continue their activities. Consequently, this may inadvertently legitimize spam to some extent. However, authentic domain usage can mitigate phishing attacks, enhancing email security against malicious attempts, such as fraudulent emails purportedly from legitimate companies.

For the latest updates on Google’s guidelines for sending emails to personal Gmail accounts and bulk emailing requirements, check out Google’s Email Sender Guidelines FAQ

Have You Got The Message Yet?

As the increasingly complex and ongoing battle against email spam and phishing from sophisticated malicious actors continues to escalate, major providers like Google, Yahoo, Microsoft, and others have begun enforcing stringent email sending requirements for all users to ensure the safe delivery of emails to intended recipients.

Hopefully, this article has given you all the information you need to understand and comply with all guidelines and requirements for sending emails that will reach your recipients’ inboxes.

Refer to our guide on how to optimize email deliverability using WPMU DEV’s email services to learn how your business can easily comply with these new email sending rules.

May 28, 2024

How To Optimize Email Deliverability With WPMU DEV’s Email Services

Major email service providers now require all email senders to comply with new email sending rules to ensure email deliverability. Here’s how WPMU DEV’s email services make it easier to comply and get your emails safely delivered…

Refer to our comprehensive guide covering the new email sending requirements if you are not familiar with these new rules, what SPF, DKIM, and DMARC email protocols are, and what this all means for your business.

In this article, we’ll show you how your business can easily comply with the new rules if you use WPMU DEV’s Webmail or Email Hosting services.

We’ll cover:

WPMU DEV’s Email Services Are Fully Compliant

As shown in this article, if you run a check of the domain wpmudev.com using email verification tools, you will see that WPMU DEV meets all email service providers’ compliance requirements for email deliverability.

This is great news for your business!

Why?

Well, let’s start with …

Client Reports and Notifications

WPMU DEV’s SPF, DKIM, and DMARC policies are fully compliant with the stringent requirements set by all major email service providers.

This means that all your Hub-generated client reports and notifications sent from WPMU DEV’s email servers, including Uptime monitor reports, should have no problem reaching their intended recipients’ inboxes.

Valid WPMU DEV email — Rest assured that your clients will receive all reports and notifications sent by WPMU DEV’s email servers.

Webmail and Email Hosting

Not only will all reports and email notifications we send on your behalf reach your clients, but if you use or resell our Webmail or Email Hosting services, so will the emails that you send out to your clients, and the emails that your clients send out.

Best of all, all required email compliance is automatically built into our Webmail and email hosting services, so there’s nothing to configure for general emailing.

Let’s take a closer look…

We’ll use Webmail for this example and assume that you are hosting your domain on WPMU DEV’s servers or at least managing your DNS records with us.

When you set up Webmail and configure your email domain, you’ll see that our system automatically creates and adds SPF and DKIM records to your domain’s DNS records.

WPMU DEV DNS Records manager — SPF and DKIM records are automatically created and added to your WPMU DEV hosted domain’s DNS records.

Let’s test this out by sending an email from our Webmail account to a Gmail account.

First, log into Webmail…

Next, compose an email and send it to a Gmail account.

Example of an email created in Webmail. — Compose an email using Webmail.

When the email reaches your inbox, go to your Gmail account .

An email in a Gmail inbox — Hurray! Our Gmail recipient has received our email!

As shown earlier, you can view the Internet header for the email by opening the email, clicking on the vertical ellipsis icon, and selecting the Show original option from the menu.

Gmail - show original menu option selected. — Select the *Show Original* option to view your email’s Internet header

As you can see, the email sent from the Webmail account meets SPF and DKIM requirements.

Webmail domain valid headers. — This domain has valid SPF and DKIM headers … Gmail likes!

Additionally, setting up an email address using Webmail or our hosted email service requires using Transport Layer Security (TLS), so your emails automatically meet this requirement too!

If you or your clients are using Webmail or our hosted email services for regular business emailing purposes, you don’t need to worry about setting up DMARC for your domain.

Bulk Emailing

As per Google’s and Yahoo’s requirements, if you plan to send 5,000 emails or more, you will need to publish a valid DMARC policy.

Add DNS Records For 3rd-Party Email Services

If you currently host an email domain with WPMU DEV that you plan to use for bulk sending purposes (emailing 5,000+ users a day), then check with your bulk sending provider for instructions on how to add the records you will need to comply with their services.

For example, let’s say you send email newsletters using a domain’s DNS managed with WPMU DEV and an email marketing service like Mailchimp, GetResponse, Sender, HubSpot, etc.

In this example, we’ll use Aweber for a domain’s DNS managed with WPMU DEV that needs authentication.

To authenticate the domain, find their setup instructions. In Aweber’s case, a notice displays in the user’s account dashboard with a link to their Domain Authentication screen.

AWeber Domain Authentication screen — This domain needs DKIM set up and a DMARC policy to be authenticated by the provider.

To authenticate DKIM, Aweber requires adding various new CNAME records to the domain’s DNS records.

So, the first step is to copy the Name (Host) record to the clipboard…

CNAME records supplied by the email service provider being copied to the clipboard. — Copy the records provided by your service provider to your clipboard.

Next, go into The Hub > Domains and locate your domain…

The Hub - Domains - Registered domains. — Find your domain in The Hub – Domains section.

Click on the vertical ellipsis next to the domain and select Manage DNS.

The Hub - Domains - Registered domains - Manage DNS option selected. — Select the Manage DNS option for your domain.

In the DNS Records screen, click on Add Record.

The Hub's DNS Manager - Add Record — Click on Add Record to add a new DNS record.

Select CNAME from the Record type dropdown menu and paste the Hostname record from your clipboard.

Go back to your email service provider’s screen, copy the Value key to your clipboard, and paste it into the Alias field, then click the Add button.

Add New DNS Record screen with CNAME selected in Record type field and Hostname record pasted in — Create a new CNAME Record and paste the records supplied by your provider into the Hostname and Alias fields.

Repeat this process until all of your service provider’s required records have been added in your domain’s DNS management area.

New CNAME records added. — All CNAME records have now been added.

If a DMARC policy is required, follow the same copy and paste process as described for adding DKIM records above.

Note that in Aweber’s case, they require a new TXT record to be created for adding a DMARC policy, not a CNAME record.

Aweber's Set up a DMARC policy screen with text being copied to clipboard. — Copy the DMARC record to your clipboard.

Create a new TXT record in The Hub’s DNS management area and paste the content provided into the Hostname and Value fields. Click the Add button when done.

Add NEw DNS Record screen. — Paste the copied TXT record values into the Add New DNS Record fields and click Add.

You will see the new record has been added to the Records section.

WPMU DEV DNS Manager with DMARC TXT record added. — The new DMARC TXT record has been added.

Go back to your service provider’s dashboard and refresh their settings to validate your domain’s records.

Aweber Domain Authentication screen showing a fully authenticated email domain. — Your email domain is now fully authenticated and compliant!

If you need help creating or adding DNS records to WPMU DEV’s DNS manager, see our documentation.

Use a Professional Email Address

As we explain in this article on how to set up free email accounts with WPMU DEV’s managed WordPress hosting, it’s important to use a professional email address for your business for the following reasons:

Boost Credibility: Sending emails from a free email address undermines your professionalism.
Enhanced Deliverability: Professional addresses are less likely to end up in spam folders, improving email engagement.
Brand Trust: A branded email domain fosters trust and credibility, leading to higher open and click-through rates.
Branding Opportunities: Consistent display of your brand in emails reinforces brand identity and recognition.
Control and Security: Professional email addresses offer more control over infrastructure and security settings, enhancing data protection.

Securing a professional business email address helps to enhance deliverability and improves email engagement, which are important and relevant to this discussion.

WPMU DEV Email Services Get Your Emails Delivered

If you are a WPMU DEV domain reseller, you can help your clients improve their email deliverability and lower potential complaint rates by advising them to secure a professional email address that matches their website domain and setting these up on our Webmail or Pop3 email services.

Sending emails from a professional email address using our Webmail or POP3 email services is the best and easiest way to automatically cover (almost all) your bases.

With our fully compliant hosted services powering your and your clients’ emails, all that’s left for you to do is make sure you have that unsubscribe link in your emails, compose your message, and hit the send button.

If you have any questions about our email services, check our Webmail or email hosting documentation, or contact our expert 24/7 support team.

May 28, 2024

My Messages on Instagram Are Purple, How Do I Change Them Back to Grey?

If you’ve noticed that your Instagram Direct Messages (DMs) are showing up in purple instead of the usual grey, it likely means that the “Active Status” feature is enabled for your account. Instagram uses purple messages...

The post My Messages on Instagram Are Purple, How Do I Change Them Back to Grey? appeared first on 85ideas.com.

May 28, 2024

The Era Of Platform Primitives Is Finally Here

This article is a sponsored by Netlify

In the past, the web ecosystem moved at a very slow pace. Developers would go years without a new language feature or working around a weird browser quirk. This pushed our technical leaders to come up with creative solutions to circumvent the platform’s shortcomings. We invented bundling, polyfills, and transformation steps to make things work everywhere with less of a hassle.

Slowly, we moved towards some sort of consensus on what we need as an ecosystem. We now have TypeScript and Vite as clear preferences—pushing the needle of what it means to build consistent experiences for the web. Application frameworks have built whole ecosystems on top of them: SolidStart, Nuxt, Remix, and Analog are examples of incredible tools built with such primitives. We can say that Vite and TypeScript are tooling primitives that empower the creation of others in diverse ecosystems.

With bundling and transformation needs somewhat defined, it was only natural that framework authors would move their gaze to the next layer they needed to abstract: the server.

Server Primitives

The UnJS folks have been consistently building agnostic tooling that can be reused in different ecosystems. Thanks to them, we now have frameworks and libraries such as H3 (a minimal Node.js server framework built with TypeScript), which enables Nitro (a whole server runtime powered by Vite, and H3), that in its own turn enabled Vinxi (an application bundler and server runtime that abstracts Nitro and Vite).

Nitro is used already by three major frameworks: Nuxt, Analog, and SolidStart. While Vinxi is also used by SolidStart. This means that any platform which supports one of these, will definitely be able to support the others with zero additional effort.

This is not about taking a bigger slice of the cake. But making the cake bigger for everyone.

Frameworks, platforms, developers, and users benefit from it. We bet on our ecosystem together instead of working in silos with our monolithic solutions. Empowering our developer-users to gain transferable skills and truly choose the best tool for the job with less vendor lock-in than ever before.

Serverless Rejoins Conversation

Such initiatives have probably been noticed by serverless platforms like Netlify. With Platform Primitives, frameworks can leverage agnostic solutions for common necessities such as Incremental Static Regeneration (ISR), Image Optimization, and key/value (kv) storage.

As the name implies, Netlify Platform Primitives are a group of abstractions and helpers made available at a platform level for either frameworks or developers to leverage when using their applications. This brings additional functionality simultaneously to every framework. This is a big and powerful shift because, up until now, each framework would have to create its own solutions and backport such strategies to compatibility layers within each platform.

Moreover, developers would have to wait for a feature to first land on a framework and subsequently for support to arrive in their platform of choice. Now, as long as they’re using Netlify, those primitives are available directly without any effort and time put in by the framework authors. This empowers every ecosystem in a single measure.

Serverless means server infrastructure developers don’t need to handle. It’s not a misnomer, but a format of Infrastructure As A Service.

As mentioned before, Netlify Platform Primitives are three different features:

Image CDN
A content delivery network for images. It can handle format transformation and size optimization via URL query strings.
Caching
Basic primitives for their server runtime that help manage the caching directives for browser, server, and CDN runtimes smoothly.
Blobs
A key/value (KV) storage option is automatically available to your project through their SDK.

Let’s take a quick dive into each of these features and explore how they can increase our productivity with a serverless fullstack experience.

Image CDN

Every image in a /public can be served through a Netlify function. This means it’s possible to access it through a /.netlify/images path. So, without adding sharp or any image optimization package to your stack, deploying to Netlify allows us to serve our users with a better format without transforming assets at build-time. In a SolidStart, in a few lines of code, we could have an Image component that transforms other formats to .webp.

import { type JSX } from "solid-js";

const SITE_URL = "https://example.com";

interface Props extends JSX.ImgHTMLAttributes<HTMLImageElement> {
  format?: "webp" | "jpeg" | "png" | "avif" | "preserve";
  quality?: number | "preserve";
}

const getQuality = (quality: Props["quality"]) => {
  if (quality === "preserve") return"";
  return &q=${quality || "75"};
};

function getFormat(format: Props["format"]) {
  switch (format) {
    case "preserve":
      return"  ";
    case "jpeg":
      return &fm=jpeg;
    case "png":
      return &fm=png;
    case "avif":
      return &fm=avif;
    case "webp":
    default:
      return &fm=webp;
  }
}

export function Image(props: Props) {
  return (
    <img
      {...props}
      src={${SITE_URL}/.netlify/images?url=/${props.src}${getFormat(
        props.format
      )}${getQuality(props.quality)}}
    />
  );
}

Notice the above component is even slightly more complex than bare essentials because we’re enforcing some default optimizations. Our getFormat method transforms images to .webp by default. It’s a broadly supported format that’s significantly smaller than the most common and without any loss in quality. Our get quality function reduces the image quality to 75% by default; as a rule of thumb, there isn’t any perceivable loss in quality for large images while still providing a significant size optimization.

Check our little component at play.
Source code: SolidStart and Netlify Primitives.

Caching

By default, Netlify caching is quite extensive for your regular artifacts - unless there’s a new deployment or the cache is flushed manually, resources will last for 365 days. However, because server/edge functions are dynamic in nature, there’s no default caching to prevent serving stale content to end-users. This means that if you have one of these functions in production, chances are there’s some caching to be leveraged to reduce processing time (and expenses).

By adding a cache-control header, you already have done 80% of the work in optimizing your resources for best serving users. Some commonly used cache control directives:

{
  "cache-control": "public, max-age=0, stale-while-revalidate=86400"

}

public: Store in a shared cache.
max-age=0: resource is immediately stale.
stale-while-revalidate=86400: if the cache is stale for less than 1 day, return the cached value and revalidate it in the background.

{
  "cache-control": "public, max-age=86400, must-revalidate"

}

public: Store in a shared cache.
max-age=86400: resource is fresh for one day.
must-revalidate: if a request arrives when the resource is already stale, the cache must be revalidated before a response is sent to the user.

Note: For more extensive information about possible compositions of Cache-Control directives, check the mdn entry on Cache-Control.

The cache is a type of key/value storage. So, once our responses are set with proper cache control, platforms have some heuristics to define what the key will be for our resource within the cache storage. The Web Platform has a second very powerful header that can dictate how our cache behaves.

The Vary response header is composed of a list of headers that will affect the validity of the resource (method and the endpoint URL are always considered; no need to add them). This header allows platforms to define other headers defined by location, language, and other patterns that will define for how long a response can be considered fresh.

The Vary response header is a foundational piece of a special header in Netlify Caching Primitive. The Netlify-Vary will take a set of instructions on which parts of the request a key should be based. It is possible to tune a response key not only by the header but also by the value of the header.

query: vary by the value of some or all request query parameters.
header: vary by the value of one or more request headers.
language: vary by the languages from the Accept-Language header.
country: vary by the country inferred from a GeoIP lookup on the request IP address.
cookie: vary by the value of one or more request cookie keys.

This header offers strong fine-control over how your resources are cached. Allowing for some creative strategies to optimize how your app will perform for specific users.

Blob Storage

This is a highly-available key/value store, it’s ideal for frequent reads and infrequent writes. They’re automatically available and provisioned for any Netlify Project.

It’s possible to write on a blob from your runtime or push data for a deployment-specific store. For example, this is how an Action Function would register a number of likes in store with SolidStart.

import { getStore } from "@netlify/blobs";
import { action } from "@solidjs/router";

export const upVote = action(async (formData: FormData) => {
  "use server";

  const postId = formData.get("id");
  const postVotes = formData.get("votes");

  if (typeof postId !== "string" || typeof postVotes !== "string") return;

  const store = getStore("posts");
  const voteSum = Number(postVotes) + 1)

  await store.set(postId, String(voteSum);

  console.log("done");
  return voteSum

});

Check @netlify/blobs API documentation for more examples and use-cases.

Final Thoughts

With high-quality primitives, we can enable library and framework creators to create thin integration layers and adapters. This way, instead of focusing on how any specific platform operates, it will be possible to focus on the actual user experience and practical use-cases for such features. Monoliths and deeply integrated tooling make sense to build platforms fast with strong vendor lock-in, but that’s not what the community needs. Betting on the web platform is a more sensible and future-friendly way.

Let me know in the comments what your take is about unbiased tooling versus opinionated setups!

May 28, 2024

Collective #842

Web Platform Status * BYOBC * Emoji history: the missing years * Handheld Design®

May 28, 2024

How to Fix “PHP Missing MySQL Extension” Error in WordPress

Recently, a user encountered the ‘your PHP installation appears to be missing the MySQL extension which is required by WordPress’ error and asked us if there was a way to fix it.

When this error appears, it prevents users from viewing your website. If it occurs frequently, then it can be bad for your site’s user experience.

In this article, we will show you how to fix PHP missing MySQL extension error in WordPress.

What Is the PHP Missing MySQL Extension Error?

When you’re working on building a WordPress website or visiting a web page, you may come across the ‘your PHP installation appears to be missing the MySQL extension which is required by WordPress’ error.

This error usually means that something went wrong with your site’s code and it’s preventing WordPress from connecting to its MySQL database.

The PHP missing MySQL extension error usually appears when you update or install WordPress, migrate a website, change server configurations, or switch operating systems that don’t have a MySQL extension (like Linux).

That said, let’s see the causes for this error.

What Causes the PHP Missing MySQL Extension Error?

There are multiple reasons why a PHP missing MySQL extension error may occur.

One of them is that you are using an outdated version of WordPress with the latest PHP version. If you’re using PHP 7.0 or higher, then you should know that it deprecated the MySQL extension.

So, if you have an older version of WordPress that’s working with PHP 7.0 or higher, then it won’t find the MySQL extension and cause this error.

Another reason why you might see this error is that the MySQL extension is either missing or not properly configured. Even if you’re using PHP 5.6 or lower, the PHP missing MySQL extension error can still occur due to an outdated MySQL extension.

Now, let’s see some of the ways you can fix the ‘your PHP installation appears to be missing the MySQL extension which is required by WordPress’ error.

You can use the links below to check out any of the tips you’d like:

Check The PHP Version You Are Using
Update WordPress to the Latest Version
Ensure You Have MySQL Extension Installed
Check Your PHP Configuration
Bonus Resources for Fixing WordPress Errors

Fixing the PHP Missing MySQL Extension Error in WordPress

Now that you know what causes this WordPress error, here are some of the ways to fix it.

1. Check The PHP Version You Are Using

The first thing you can do is check the PHP version of your website. A conflict between WordPress and PHP version usually results in the PHP missing MySQL extension error.

To start, you can head to the Tools » Site Health page from the WordPress dashboard. From here, simply switch to the ‘Info’ tab.

After that, you can scroll down to the ‘Server’ section and click to expand it. Here, you’ll see the server information for your website.

Go ahead and view the PHP version in the details.

If your site’s PHP version starts with 7 or lower, then it means you’ll need to update it. This can solve the PHP missing MySQL extension error as it would be compatible with the latest WordPress version.

We highly recommend using PHP 8.0 or the latest version because it will safeguard your site from security threats. Plus, it will also optimize your site’s performance and fix any security vulnerabilities and bugs.

You can learn more by following our guide on how to update your PHP version in WordPress.

2. Update WordPress to the Latest Version

After checking the PHP version, you can also see which WordPress version you’re using.

If it is an older version and you’re running the latest PHP version, then consider updating WordPress to resolve the PHP missing MySQL extension error.

A simple way to check the WordPress version is by going to Dashboard » Updates from the WordPress admin panel. Here, look for the ‘Current version’ information.

If the WordPress version is 3.9 or lower, then we recommend updating it to fix the missing MySQL extension error.

The best thing is that WordPress comes with a built-in update manager. You can update to the latest version with a click of a button.

To learn more, please see our guide on how to safely update WordPress.

3. Ensure You Have MySQL Extension Installed

Now that you have updated the PHP version and WordPress on your website and are still facing the ‘PHP missing MySQL extension’ error, then you need to check if the MySQL extension is correctly installed on your site.

You can do that by going to the Tools » Site Health page from the WordPress dashboard. Next, you’ll need to switch to the ‘Info’ tab.

After that, head to the ‘Database’ section and click to expand it.

In the Extension field, look for mysqli or mysql.

If you see the field blank or not visible at all, then it means you’re missing the MySQL extension.

Now, the installation process for the extension will depend on your WordPress hosting provider. You can simply reach out to them for help or ask the support team to install it for you.

4. Check Your PHP Configuration

Another way to fix the PHP missing MySQL extension error is to check your site’s PHP settings.

At times, you might be uploading the wrong php.ini file or using the wrong file path. This leads to PHP configuration issues and missing MySQL extension errors.

The php.ini file is a default configuration file for PHP and impacts how your site functions. Uploading the incorrect file usually happens if you’re using a different operating system. For example, you might be uploading the php.ini file that’s intended for Windows on a Linux server.

To find the path of your php.ini file in the phpinfo.php file, you can enter the following web address in the browser:

www.example.com/phpinfo.php

Just make sure to replace www.example.com with your domain name.

Next, you will see details of your PHP installation.

From here, you can scroll down and look for the ‘Configuration File Path’ or ‘Loaded Configuration File’ fields.

Once you locate the php.ini file, simply connect to an FTP client, go to the file path, and delete it to see if it fixes the PHP missing MySQL extension error.

Before deleting, we recommend creating a backup of the existing file by downloading it onto your computer. This way, if anything goes wrong, you can restore the php.ini file and access your website.

Bonus Resources for Fixing WordPress Errors

Now that you know about PHP missing MySQL extension error, you can also check out our guides on resolving other WordPress errors:

We hope this article helped you learn how to fix the PHP missing MySQL extension error in WordPress. You may also want to see our tips to speed up WordPress performance or our complete WordPress troubleshooting guide.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post How to Fix “PHP Missing MySQL Extension” Error in WordPress first appeared on WPBeginner.

May 28, 2024

Inspirational Websites Roundup: Webflow Special #4

In collaboration with Webflow, we’re thrilled to present this roundup, featuring a handpicked selection of awe-inspiring websites.