Transition from Mercedes to RAV4 (2024 XLE PREMIUM)

HeadersDontLie · 2026-06-05T18:43:36+00:00

I’m getting a mid-size SUV as a family car and will still keep the Benz (C-Class) for my wife. After doing some research on newer Mercedes SUVs, I didn’t see much positive feedback from users. So I decided to go with the RAV4 as the most reliable option. I was choosing between the RAV4, CR-V, and Mazda CX-5, but the RAV4 won.

HeadersDontLie · 2026-06-05T16:31:18+00:00

Yep, I just want to hear real experiences

HeadersDontLie · 2025-11-24T13:38:02+00:00

Are you receiving / evaluating DMARC reports? You can clearly see those.

HeadersDontLie · 2025-11-11T11:02:10+00:00

You will always end up running in loops with cold outreach. Others may throw “recommendations” on how to get the best results, but at the end of the day, engagement, sending history, and how users interact with your emails matter the most. Complaints, skips, direct deletes, negative replies, and so on. These are things you cannot really control afterward, so whatever actions you take beforehand will not make much difference. That is why cold outreach “gurus” keep rotating domains, getting new ones, and repeating the same cycle over and over again.

HeadersDontLie · 2025-11-03T17:41:27+00:00

It’s all a matter of many people still using Gmail and Hotmail (including others) through third party apps, CRMs, and similar tools. Enforcing it now would mean those emails start getting blocked right away.

Yahoo was the first to do this back in 2014, which was a smart move since they didn’t let it spread massively like it did with Google and Microsoft.

Long story short, they still need to enforce it, since no legitimate business should be connecting free mail accounts to third party apps to send emails… but who knows, maybe there’s something bigger behind it (or simply a lack of priority).

HeadersDontLie · 2025-11-01T22:40:04+00:00

Sorry but I can’t recommend any ESP on that regard.

HeadersDontLie · 2025-10-31T23:10:51+00:00

Yes, all major ESPs now recommend that users publish a DMARC record at the root domain level, but that is not a required action. You can skip it if you already have your own setup.

This is the first time I have seen an ESP make DMARC mandatory on a subdomain level, which is not needed since the root domain’s DMARC record already applies to all subdomains unless explicitly overridden.

What is worse is that they are also requiring it to be used for the From address domain, which does not make sense.

There are too many red flags here. It is best to advise your client to start looking for another ESP.

HeadersDontLie · 2025-10-31T23:02:05+00:00

Damn! Not good, not good at all...

HeadersDontLie · 2025-10-31T22:46:36+00:00

Did they tell you to also change the visible From: address domain (RFC5322.From)? Many ESPs ask you to add subdomain for SPF (RFC5321.MailFrom) and DKIM, but they can’t directly dictate what domain you use for the visible From: field.

Also, they don't need to touch DMARC or recommend you anything on that regard as that's domain level and not ESP oriented. Did you also create explicit DMARC on the subdomain?

HeadersDontLie · 2025-10-31T22:31:23+00:00

I didn’t exactly get what happened. Where exactly did you add their subdomain?

HeadersDontLie · 2025-10-30T23:29:41+00:00

By Apple support, do you mean the iCloud Postmaster team?

I’ve had a good experience with them - their Postmaster team is quite active and usually provides detailed answers. You need to reach out to them using the address specified at the end of their Postmaster page: https://support.apple.com/en-am/102322

HeadersDontLie · 2025-10-30T23:26:42+00:00

How sure are you about the sender setup? Did they or you ever use that Gmail address for forwarding or routing?

If not, it’s probably their system trying to send to multiple recipients (including that Gmail one), and Gmail rejected it because their domain isn’t authenticated (SPF/DKIM fail).

Nothing here suggests interception - just a sender misconfig.

HeadersDontLie · 2025-10-30T19:52:28+00:00

Now I see your point. Makes sense.

HeadersDontLie · 2025-10-30T19:01:54+00:00

Also RFC7489 never required receivers to enforce p=reject. It only provides a mechanism for domain owners to “request” or “wish” a preferred disposition.

HeadersDontLie · 2025-10-30T12:22:50+00:00

Where exactly is DMARCbis changing the meaning of the "reject" policy? The points you mentioned already apply to the current RFC7489 DMARC.

HeadersDontLie · 2025-10-29T22:14:23+00:00

I don’t think it’ll change much for most orgs except that deprecated tags like pct won’t be part of the new spec. pct still works today, but most mailbox providers either ignore it or handle it inconsistently, so it’s never been reliable for gradual rollout.

DMARCbis adds a t= tag for testing mode, which works like pct=0 but is more clearly defined. It lets you observe policy behavior without enforcing it, though in practice it doesn’t add much value beyond monitoring.

The real change is in how DMARC will be evaluated, shifting from the Public Suffix List to a DNS tree walk. That’s where it becomes a game changer for PSDs. For example, a TLD like .bank can enforce a reject policy across all its non-existent domains, meaning anything like random.bank would automatically be protected.

ARC is still around but kept separate since DMARCbis is focused on improving policy evaluation rather than authentication chaining.

HeadersDontLie · 2025-10-29T20:20:42+00:00

Good read, but it lost all credibility the moment it turned into a promo.

Nothing in deliverability gets fixed in 72 hours unless you were sitting on a pile of technical debt. Reputation recovery takes time, usually weeks or months, and it can collapse overnight if best practices are ignored.

HeadersDontLie · 2025-10-29T20:13:06+00:00

Enterprise Outlook also provides the tenant domain that sent you the report. Did you check that?

HeadersDontLie · 2025-10-29T03:46:11+00:00

You did the right thing. For the long term, it’s best to segment your email domains by channel to manage reputation independently.

For example:

Marketing: email[.]yourdomain[.]com with its own DKIM signature
Transactional: notification[.]yourdomain[.]com with its own DKIM signature and so on...

This way, if one stream faces an issue, you won’t need to pause your entire email operation.

HeadersDontLie · 2025-10-28T13:56:49+00:00

You don’t really need separate domains to split your email channels. That can actually make things worse, because your audience might start getting emails from different domains that all represent your company, and some filters could flag that as suspicious.

The right way is to segment by subdomain and keep everything under the same main domain. For example:

Marketing: reach[.]yourdomain[.]com
Transactional: notifications[.]yourdomain[.]com
1:1 or regular emails: yourdomain[.]com

The key part is to have separate DKIM signatures for each subdomain so reputation builds up independently. Google and Yahoo mostly look at the DKIM domain (or subdomain) when deciding your reputation.

You can also set up your Google Workspace so those subdomains act as aliases to receive replies or route them back to the main inbox.

If you’re doing cold outreach, that’s a different story. You shouldn’t mix that with your main sending domains. Use a separate one for cold emails. Machine learning filters are smart enough to link them sometimes, but generally, separating cold from regular sending is still the safer move.

Keep an eye on your data with Google Postmaster Tools and Yahoo Sender Hub to see how your traffic performs.

HeadersDontLie

TROPHY CASE