Here's something I wish I had known about sooner.* In order to cut down on spoofing and phishing (where bad actors send fraudulent email that looks like it came from your organization), all of the major email providers out there use a system called SPF (Sender Policy Framework). Basically it is a record you create in the DNS management for your domain that tells the world what alternate domains or email addresses are approved for sending legitimate email on behalf of you.
For example, say you have a payment processor that sends out receipts of donations people make to you, or you use a 3rd party tool for sending newsletters to your mailing lists. In both cases you want the email to look like it came from @your-nonprofit.org, but the system actually doing the sending is actually MailChimp or Click&Pledge. What you do is add MailChimp to your SPF record and do the same for C&P. Now the email systems that receive these messages will check your SPF record, see that the message is coming from an approved sender, and let the message through into your supporters' inboxes.
Google has a good overview of SPF records, and walks you through creating one for your domain. And if you aren't already using Google Apps for your non-profit, you should absolutely take a look at it now. It's free and it's an overall great system.
* unfortunately in my org we had reports of emails not getting delivered or getting marked as spam and it took me a while to figure out what was going on. Which wasn't as bad as the dumb “fraud detection” system at our payment processor that caused donations made from our headquarters to stop going through because they detected “an unusually high level of activity’ coming from that address. Yeah, because that's where we do all of our business!
Comments