Understanding Transport DKIM Signing at MailBaby
When sending emails through MailBaby, you may notice technical headers or “via” details that differ from sending directly from a personal server. At MailBaby, we automatically sign the transport domain of emails passing through our network. But why is this done, and does it actually improve deliverability?
What is Transport DKIM Signing?
MailBaby applies a DKIM (DomainKeys Identified Mail) signature to the transport domain of every email. This acts as a cryptographic stamp of approval from the network delivering the message.
If you have not set up your own DKIM signature for your specific domain, recipients (such as Gmail) may display your email with a notice saying it was sent “via mailbaby.net” or “on behalf of mailbaby.net.”
Note: If you set up your own DKIM signing, this “via” notice generally disappears. However, even when you sign your own emails, the MailBaby transport signature remains in the headers as a secondary validator.
Why is this done? (The Importance of Feedback Loops)
The primary reason for transport signing is to maintain a healthy network through Feedback Loops (FBLs). FBLs are mechanisms that allow email providers to notify senders when a recipient marks an email as spam/junk.
- Standard Providers: Many email providers (Comcast or Tucows) offer feedback loops through a service called Validity, which MailBaby subscribes to.
- The Yahoo Exception: Yahoo is not part of the standard Validity network. They provide feedback based specifically on DKIM signing. The transport signature allows MailBaby to receive these reports from Yahoo.
- The Gmail Method: Gmail also requires specific authentication. They use a unique
Feedback-IDheader combined with DKIM signing to report abuse.
By signing the transport domain, MailBaby ensures that abuse reports from these major providers are received and processed. This allows the team to identify bad actors and keep the IP reputation high for all legitimate customers.
Does Transport DKIM Help Deliverability?
Beyond feedback loops, does having a third-party transport signature actually help your email reach the inbox? According to insights from Brandon L. at Google, the answer is yes—it is a significant factor in how emails are evaluated.
The Google Perspective
Brandon L. notes that adding a DKIM signature creates a “source anchor” for the message. Here is how Google views it:
“Generally speaking, adding a DKIM signature to your message adds a ‘source’ anchor, something that ties a message to other messages. For us, this means another reputation in addition to things like IP address, IP range, ASN, and SPF domain.”
When Google receives an email, they look at several factors:
- Reputation Stacking: They evaluate the reputation of the IP, but also the reputation of the DKIM domain. If the transport domain (MailBaby) has a high reputation, it can help validate the message.
- Signature Ranking: Google ranks signatures. They look at the strength of the key and whether it is a “shared” domain versus a custom domain.
- Trust Transfer: If a third-party SMTP server (like MailBaby) signs a message, they are essentially vouching for it. Brandon L. suggests that high-value DKIM domains are careful about what they sign, meaning the presence of the signature implies a level of filtering has already occurred.
Mailbaby uses 4 separate DKIM signatures based on the score of the email, similar to the IP reputation pools in use. The better quality of email, which includes factors like bounce rate, complaint rate, and other factors not only determine the IP pool used, but also the DKIM signature used.
Summary
While setting up your own DKIM is always the best practice for branding and professional appearance, the MailBaby transport signature serves as a vital safety net. It ensures feedback loops remain active and provides a secondary layer of “reputation anchoring” that major providers like Google take into consideration when deciding where to place your email.