Email deliverability in 2025 isn’t just about writing compelling subject lines or engaging content. Behind the scenes, your domain’s authentication setup determines whether your carefully crafted emails land in the inbox or disappear into the spam folder abyss.

Three acronyms sit at the heart of this challenge: SPF, DKIM, and DMARC.

Think of them as the “three security locks” on your domain’s front door. Without them, spammers can impersonate you, ISPs will distrust you, and your inbox placement will suffer. With them, your brand looks professional, your emails get through, and your audience actually sees your message.

This complete guide will break down what each protocol does, why it matters in 2025, and how to set it up step by step — with practical examples, common mistakes to avoid, and testing tips.

Why Email Authentication Matters in 2025

Back in the early days of email marketing, basic “delivery” was enough. If your server could hand off a message, most inbox providers accepted it. Fast forward to 2025, and the landscape has completely changed.

• AI-driven spam filters evaluate behavior, sender reputation, and authentication.

• Phishing attacks have skyrocketed, forcing providers like Gmail and Outlook to demand stricter verification.

• Brand trust is now visible in inboxes — with BIMI logos and authenticated senders getting higher credibility.

The bottom line: Without proper SPF, DKIM, and DMARC, even high-quality emails risk being quarantined, throttled, or rejected outright.

Email Deliverability vs. Delivery: What’s the Real Difference?

SPF: Sender Policy Framework

What is SPF?

SPF is like your domain’s guest list. It tells inbox providers which servers are allowed to send email on behalf of your domain.

Analogy: Imagine a nightclub with a bouncer. SPF is the guest list the bouncer checks before letting people in.

How it works

• You publish an SPF record in your domain’s DNS.

• When you send an email, the recipient’s server checks if the sending server’s IP matches that record.

• If it matches → pass. If not → fail.

Example SPF record for Google Workspace

v=spf1 include:_spf.google.com ~all

Setup steps

1. Log in to your DNS provider (e.g., Cloudflare, GoDaddy).

2. Add a TXT record containing your SPF policy.

3. Test by sending to Gmail and checking the email header for spf=pass.

Common mistakes

• Publishing multiple SPF records (you should only have one).

• Forgetting to update SPF after adding a new sending service.

DKIM: DomainKeys Identified Mail

What is DKIM?

DKIM adds a digital signature to each outgoing email, proving that it hasn’t been altered in transit.

Analogy: Think of DKIM as a wax seal on a letter — if the seal is intact, the recipient knows it’s genuine.

How it works

• Your sending server uses a private key to sign each email.

• The recipient’s server checks this against the public key published in your DNS.

• If they match → the email passes integrity checks.

Setup steps

1. Generate DKIM keys in your email provider (e.g., Google Workspace, Microsoft 365, Zoho).

2. Publish the public key as a DNS TXT record.

3. Ensure your ESP is signing all outbound mail with the private key.

4. Send a test message and check for dkim=pass in the header.

Common mistakes

• Misconfigured selectors (leading to alignment failures).

• Forgetting to rotate keys periodically.

DMARC: Domain-based Message Authentication, Reporting & Conformance

What is DMARC?

DMARC acts as the rulebook that tells inbox providers what to do when SPF or DKIM fails. It also provides reporting, so you can see who’s trying to spoof your domain.

Analogy: Imagine DMARC as the manager who instructs the nightclub bouncer: “If someone’s not on the guest list or their seal is broken, send them home or put them under watch.”

How it works

• You set a DMARC policy in DNS: none, quarantine, or reject.

• Providers follow your instructions when SPF/DKIM fail.

• Reports (RUA, RUF) show which IPs are sending on your behalf.

Example DMARC record

v=DMARC1; p=quarantine; rua=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it.; ruf=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it.; fo=1

Setup steps

1. Start with p=none (monitoring only).

2. Analyze reports to ensure legitimate traffic is aligned.

3. Move to quarantine → suspicious mail goes to spam.

4. Finally, enforce reject for maximum protection.

Common mistakes

• Jumping straight to reject without monitoring.

• Not setting up reporting addresses (you lose visibility).

Together, they form a layered defense system. Without all three, your email security and deliverability remain incomplete.

How to Test & Monitor Authentication

1. Send test emails to Gmail or Outlook.

   • Look for: spf=pass, dkim=pass, dmarc=pass.

    

2. Use tools like:

   • Gmail Postmaster Tools

   • Spamhaus

   • MXToolbox

    

3. Leverage Zharik’s Deliverability Insights to track inbox placement, not just delivery.

10 Common Reasons Emails Go to Spam (2025 Guide to Inbox Placement)

Common Mistakes & How to Avoid Them

• Using multiple SPF records instead of one consolidated record.

• Forgetting to update records when switching ESPs.

• Setting DMARC to reject too early.

• Not rotating DKIM keys.

FAQs

Do I really need all three?

Yes. SPF and DKIM handle technical checks, but DMARC enforces policy and reporting.

Will BIMI work without DMARC?

No. BIMI requires DMARC with enforcement (quarantine or reject).

How long does DNS propagation take?

Usually a few minutes to 48 hours, depending on your provider.

What happens if I only set SPF?

You’re partially protected, but spoofers can still bypass you without DKIM/DMARC.

Conclusion

SPF, DKIM, and DMARC aren’t just technical acronyms — they’re the foundation of trustworthy email marketing in 2025.

By setting them up correctly, you:

• Protect your brand from spoofing.

• Improve your inbox placement rates.

• Build trust with ISPs and subscribers.

At Zharik, we go beyond authentication. With domain warm-up, inbox monitoring, and deliverability insights, we help you not just deliver emails — but deliver them to the inbox.

Imagine this: you’ve spent hours crafting the perfect email campaign. The subject line is catchy, the copy is compelling, and the call-to-action practically begs to be clicked. You hit “send,” sit back, and wait for the results—only to discover that a large chunk of your emails never even made it to their destinations. They bounced. Some addresses were fake, some had typos, and others were just abandoned mailboxes.

This is the painful reality for businesses that overlook email validation. It’s the invisible step that separates high-performing campaigns from wasted budgets. Let’s explore what email validation really means, how it works behind the scenes, and why your business simply can’t afford to skip it.

What Is Email Validation?

At its core, email validation is the process of checking whether an email address is correct, safe, and active. It ensures your list is free from junk data like typos, fakes, spam traps, or temporary addresses.

Validation typically includes:

1. Syntax check – making sure the email follows correct format rules (This email address is being protected from spambots. You need JavaScript enabled to view it. passes, john@example fails).

2. Domain check – confirming the domain exists and can accept mail.

3. Mailbox ping – a safe “handshake” with the server to see if the inbox is real.

4. Disposable email detection – spotting temporary accounts like 10MinuteMail.

5. Role-based email filtering – flagging addresses like support@ or admin@.

6. Spam trap avoidance – keeping you away from addresses designed to catch spammers.

Think of it as a background check for your email subscribers.

Email Validation vs. Verification vs. Confirmation

These three terms often get tossed around as if they mean the same thing, but they don’t.

Validation is about structure and possibility. It tells you whether an email could work.

Verification goes deeper and asks: does this inbox actually exist and accept mail right now?

Confirmation involves the human element: the user clicking a link in a “please confirm your email” message to prove they own the address.

Think of it like sending a letter. Validation makes sure you wrote the address correctly. Verification checks if there’s really a mailbox at that house. And confirmation is when the homeowner opens the door and waves hello. Together, the three steps create a reliable, safe list of contacts.

Why Email Validation Is a Business Essential

1. Protect Your Sender Reputation

Your sender reputation is like your email “credit score.” If it drops, inbox providers like Gmail or Outlook may block or filter your emails—even to good contacts. High bounce rates are the fastest way to damage it.

2. Save Money on Sending Costs

Most email service providers charge per contact or per send. Invalid addresses waste budget. By removing them, you send fewer emails but get better results.

3. Increase Engagement and ROI

When emails only go to real people, your open rates, click-throughs, and conversions rise. Higher engagement also boosts your inbox placement, creating a positive feedback loop.

4. Stop Fake Signups and Bots

Some users enter bogus addresses to grab freebies. Others are automated bots. Validation stops them from poisoning your database.

5. Simplify Compliance

Regulations like GDPR, CCPA, and CAN-SPAM require businesses to respect user data and consent. Validation helps demonstrate that your data is accurate and responsibly managed.

Real-World Scenarios

• E-commerce Example: An online clothing brand collects thousands of signups during a holiday sale. Without validation, 15% of those addresses bounce. Their domain reputation suffers, and sales emails start landing in spam. With validation, only active, real addresses enter the system, keeping reputation strong and maximizing revenue.

• SaaS Example: A startup offers free trials but notices lots of disposable emails like This email address is being protected from spambots. You need JavaScript enabled to view it.. They validate at signup, blocking these throwaways. Their conversion-to-paid rate improves because every trial user is tied to a real inbox.

• B2B Example: A software company relies on webinars for lead generation. Many registrations come from role-based emails like This email address is being protected from spambots. You need JavaScript enabled to view it.. They flag these addresses for manual review, ensuring real decision-makers get nurtured.

Real-Time Validation vs. Bulk Cleaning

There are two main ways businesses use validation. The first is real-time validation, which happens the moment someone enters their email on your site. If a visitor mistypes gmial.com instead of gmail.com, the system can prompt them to fix it before they hit submit. If they try using a disposable address, it can be blocked instantly. This keeps your list clean from the very beginning.

The second method is bulk cleaning, where you run your existing list through a validator. This is especially important if you’ve collected addresses over a long period of time. People abandon old inboxes, change jobs, or switch providers, and what was valid last year may not be valid today. Bulk cleaning allows you to sweep out the bad data before a big campaign, reducing your risk and improving performance.

Smart marketers use both. Real-time validation acts like a bouncer at the door, and bulk cleaning works like housekeeping to keep the whole place tidy.

• Real-Time Validation

  • Happens instantly as a user types their email.

  • Corrects typos (“Did you mean @gmail.com?”).

  • Blocks fake or disposable addresses.

  • Best for signup forms, checkouts, and lead capture.

   

• Bulk Cleaning

  • Scans existing lists (thousands or millions of contacts).

  • Categorizes addresses as valid, invalid, risky, or disposable.

  • Ideal before big campaigns, or quarterly database clean-ups.

   

Smart marketers use both: keep the front door clean and the back room tidy.

The Hidden Dangers of Disposable Emails

Temporary inboxes are the silent killer of list health. They:

• Pass initial checks but vanish after 10 minutes.

• Never engage, dragging down open rates.

• Signal low-quality subscribers, hurting deliverability.

Blocking them saves you wasted effort and misleading metrics.

How Validation Works Behind the Scenes

If you’re curious about the mechanics, here’s a peek under the hood. Validation starts with regex rules—basically a set of patterns that check whether the email follows standard structure. Then it moves on to DNS lookups, which confirm the domain is set up to receive mail. Finally, there’s the SMTP handshake, a lightweight interaction with the mail server that determines whether the specific mailbox exists.

On top of this, most validation tools compare addresses against known lists of disposable domains, spam traps, and high-risk accounts. It’s a bit like airport security: you don’t just check if someone has a ticket, you also make sure their name isn’t on a watchlist.

Don’t Forget Authentication

Validation ensures the recipient is real, but you also need to prove that you are real. That’s where authentication protocols like SPF, DKIM, and DMARC come in. They act as digital signatures, letting inbox providers know your messages haven’t been forged or tampered with.

Think of it as showing ID at the door. Validation checks the guest list, but authentication proves you’re the rightful host. Together, they form a complete system of trust.

Bringing It All Together with Zharik

At Zharik, we know how frustrating it is to see your carefully designed campaigns fail because of something as small as a typo or a fake signup. That’s why we built our email verification tool to make validation easy and effective.

Whether you need real-time checks on your signup forms or bulk cleaning for a legacy list, Zharik has you covered. Our system detects disposables, filters out spam traps, and gives you clear, actionable results. You can integrate it into your workflows with minimal effort, and once it’s in place, you can finally stop worrying about bounces and start focusing on growth.

Frequently Asked Questions

What’s the difference between email validation and verification?

Validation checks structure and domain. Verification digs deeper, confirming that the mailbox exists and accepts messages.

How often should I validate my email list?

In real-time for new signups, and every 3–6 months for existing lists.

Can email validation improve deliverability?

Yes. By reducing bounces and protecting your sender reputation, validation increases your chances of landing in the inbox.

Is email validation GDPR compliant?

Yes, when handled correctly. Zharik’s tool is designed to meet GDPR and other data protection requirements.

Final Thought

Email validation might not be glamorous, but it’s the silent engine that powers successful campaigns. Without it, you’re building on quicksand—every bounce, every fake signup, every abandoned inbox chips away at your results. With it, you’re building on rock: solid, stable, and ready to grow.

The question isn’t whether your business can afford email validation. The real question is: can you afford to go without it?

Have you ever faced big issues when trying to send a cold email campaign from a new domain? If so, you might have noticed that your open and click rates are quite low, often resulting in your emails ending up in spam. This is where domain warm-up comes in.

Today, we'll explore whether domain warmup still works in 2025, what the best practice for domain warm-up is and how it affects your email deliverability.

What Is Domain Warmup?

Domain warmup is the process of slowly sending more and more emails to build a good sender reputation with email services like Gmail, Outlook, and Yahoo.

Instead of sending 1,000 cold emails on the first day, you start with 5 to 10 emails a day and slowly increase the number until your domain is shown to be trustworthy.

The process often takes a few weeks or months. The sender gradually and consistently increases the number of daily emails to send during this time.

Why Domain Warm-up Matters in 2025?

Although inbox algorithms keep changing every year, the fundamentals of email deliverability haven’t really changed.
Email providers still look closely at how people engage with your messages; whether they open, reply, or simply ignore them.

At the same time, spam filters have become much tougher, especially with the rise of AI-driven detection. And if you’re sending from a brand-new domain, you’ll automatically be treated with suspicion until you’ve built a track record of healthy engagement.

That’s why, even in 2025, domain warmup remains one of the most dependable ways to land in the inbox particularly if you’re doing cold outreach or running sales campaigns.

Best Practice for Domain Warm-up

1. Start Small and Scale Gradually

When you’re warming up a new domain, resist the urge to send big volumes right away. Start with just 5–10 emails per day and slowly ramp up—adding about 10–20% more every couple of days. This steady growth tells inbox providers that you’re a legitimate sender, not a spammer.

2. Use an Email Warmup Tool

Manually warming up a domain can take weeks and requires constant effort. That’s why many businesses rely on automation. With Zharik’s AutoWarmup, the process is effortless: our system gradually increases your sending volume, while also simulating natural engagement (opens, replies, “mark as safe” actions).

The result? A healthier sender reputation, faster inbox placement, and far less hassle compared to doing it by hand.

3. Authenticate Your Domain

Before starting to send, you want to make sure your domain is properly verified. You should, at the very least, set these records:

• SPF (to verify your sending servers)

• DKIM (a digital signing for your emails)

• DMARC (to protect against spoofing)

• A custom tracking domain (to look professional)

Without these, your emails are farmore likely to go to spam, no matter how wellu warm up.

4. Avoid Spam Triggers

During warm-up, keep your email copies simple and natural. Avoid using aggressive promotional language, too many links, or pushy CTAs. The goal isn’t to sell right away; it’s to look like a trusted sender. Short, conversational emails work best at this stage.

Most Common Mistakes When Warming Up a New Domain

After running several tests, We've noticed a number of common mistakes people tend to miss when warming up new email accounts.

While a reliable warm-up platform can handle most of these automatically, those taking the manual route should watch out for the following pitfalls:

● Sending Too Many Emails Right Away

A mistake I see all the time is people jumping in too fast with their new email account. They’ll kick things off by sending 20–30 emails on day one and then quickly push their volume into the hundreds.

The problem? To email service providers, that kind of sudden activity looks suspicious and signals you might not be a trustworthy sender. Instead of building a good reputation, you’ll likely end up in the spam folder—the exact opposite of what you want.

The smarter approach is to start small. Send just a handful of emails at first, keep it consistent, and then slowly ramp up your sending volume over time. That steady pace is what helps you build trust and land in the inbox.

● Ignoring authentication records

Before you send a single email from a new account, make sure your authentication is in place.

Think of it like this: if you skip this step, your accounts could get flagged—or even blacklisted—before you ever reach your prospects.

There are three key protocols you need, and here’s what each one does:

• SPF (Sender Policy Framework): Tells email providers like Gmail and Yahoo that your messages are being sent from an approved server.

• DKIM (DomainKeys Identified Mail): Adds a digital signature to each email so providers know it hasn’t been altered in transit—this is what proves your email’s integrity.

• DMARC (Domain-based Message Authentication, Reporting, and Conformance): Acts as the final checkpoint. It lets you define what happens when an email fails SPF or DKIM, giving you control over how providers handle suspicious messages.

If you’re planning to use your accounts for cold outreach, don’t skip this step. Set up all three protocols right away. It’s the foundation of deliverability.

● Not Monitoring Bounce Rates

Every time you hit a non-existent or invalid address, it counts as a bounce. And with each bounce, your reputation as a sender takes a hit. Internet service providers (ISPs) treat high bounce rates as a warning sign, which can drag your deliverability down fast.

The fix is simple: monitor your bounce rate from the very beginning. If you see it spike, stop your warm-up immediately and clean up your list before sending again.

When you get a new phone, you don't run heavy apps right away. You have to charge it first. You also can't just start sending hundreds of emails from a new domain/Email Address and expect them to show up in people's inboxes. Email warmup is a technique that slowly build and imrove your sender reputation and helps your emails get to the inbox instead of the spam folder.

What Is Email Warmup?

Email warmup is the process of gradually increasing the number of emails sent from a new or inactive email account so that internet service providers (ISPs) and email platforms (such as Gmail, Outlook, and Yahoo) come to trust your address.

Instead of appearing "suspicious" by sending bulk campaigns all at once, warming up signals that you are a genuine, responsible sender engaging in genuine human-like activity.

But it’s not that simple. A series of factors are involved in assessing your reputation. Firstly, ISPs look at how recipients engage with your emails. Do they open them? Do they click on links, ignore the messages, or delete them? This is exactly where Email Warmup comes into play.

Do Domains Need Warmup Too?

Yes. In fact, it usually takes longer for a domain to warm up compared to a single email address.

Why Email Warmup Is Important

You might think you can simply start sending a low volume of emails directly to your potential leads instead of running warmup campaigns to seed accounts first. But why not? Well, here’s the catch.

Email warmup campaigns are specifically designed to build a sender’s reputation and improve deliverability. In contrast, regular email campaigns are created to drive clicks, conversions, and sales. Even the most well-crafted marketing emails, sent to a highly engaged audience, can still end up with disappointing open and click rates. Why? Because if only a handful of recipients flag your emails as spam, your entire campaign risks being filtered into the spam folder—leading to blacklisting of your domain or email account.

Moreover, there are ever grater reasons why you need to warmup your email account.

1. Builds Trust with Email Providers

Email providers like Gmail or Outlook can be considered as strict gatekeepers. They don’t let just anyone walk in and start sending hazards of messages. If they see a brand-new account suddenly pumping out bulk emails, it looks suspicious; almost like spam. Employing email warmup, you’re essentially showing these gatekeepers that you’re a trusted sender with a natural, steady pattern. Over time, they begin to trust your email address and allow more of your emails through to inboxes instead of blocking them.

2. Improves Deliverability

Even if you write the most engaging email in the world, it won’t matter if it lands in the spam folder. Email warmup prevent that to happen. When your address builds a healthy track record of sending small volumes that get opened and replied to, providers take it as a sign that people want your emails. The history you make enhance your deliverability, which means your future campaigns are more likely to land in the inbox where people will actually see them.

3. Protects Your Domain Reputation

Your domain reputation is like your credit score in the world of email marketing. Once it is ruined by a sudden spike of bulk emails, spam complaints, or too many bounces, it’s incredibly hard to rebuild. A bad reputation can follow your domain for months or even years. Warmup acts as a kind of insurance. By starting slow and building gradually, you keep your reputation safe and avoid mistakes that could leave long-term scars on your domain.

4. Prepares You for Scaling

Warmup isn’t just about the first few weeks of sending—it’s also about the future. Once your address has built trust and reputation, you’re in a much better position to grow. That means if your business wants to move from sending 20 emails a day to 2,000, you’ll be able to scale without raising red flags. Without warmup, those same 2,000 emails might get blocked outright. With warmup, providers are more likely to see the growth as natural and allow your messages through.

How to Warmup Your Email Account

There are two main options to warm up an email account: manually and automated.

How Manual Warmup Works

Doing it manually gives you the most control over the process, but it also requires patience. The idea is simple: start by sending a small number of emails each day to people you know and trust. This could be your personal Gmail, an old Hotmail address you still have, or even accounts you use for other projects. Once you’ve covered your own bases, involve friends, family, or colleagues who don’t mind lending a hand.

The goal here is to send messages across a variety of inbox providers (Gmail, Outlook, Yahoo, etc.) so your address looks trustworthy everywhere. And remember—it’s not just about sending. Engagement matters just as much. Ask your contacts to open the emails, reply when they can, and, if one of your messages slips into the spam folder, move it back into the inbox and mark it as safe.

The upside? Manual warm-up is completely free. The downside? It’s slow, and it usually relies on the goodwill of people in your network.

Automated Warm-Up

Since all of these manual efforts would probably sound like a chore, there are tools dedicated to taking care of it for you. Zharik is an all-in-one warmup tool that connects to your account and provides real human interactions such as opening, clicking, and replying to emails. This platform utilizes a network of real humans, referred to as seeds, who actively open your emails and engage with your email account, ensuring an effective warm-up that maximizes your deliverability.

That said, not all tools are created equal. Before you sign up for one, it’s worth digging into how the service actually works. A few key things to consider:
• Are they using real, active accounts, or just throwaway email addresses?
• Do the emails contain meaningful text, or are they filled with gibberish?
• Is there genuine engagement—opens, replies, and inbox recovery—or just empty sending and receiving?

These details make a big difference. A well-built warm-up service can fast-track your deliverability. A poorly designed one can do more harm than good.

How Email Warm-Up Powers Your Cold Email Strategy

Cold email by nature can feel… well, cold. You’re showing up unannounced in someone’s inbox, and if you’re not careful, you might get treated like junk before you even get the chance to introduce yourself.

That’s exactly where email warm-up fits in. It’s not a fancy add-on—it’s the foundation. Think of it as the small talk before the pitch, the stretch before the sprint, or the rehearsal before opening night. Without it, you’re walking into the room unprepared.

First Impressions Happen Before the Reader Even Sees Your Email

Here’s the thing: your prospect isn’t the first one judging your message—email providers are. Gmail, Outlook, Yahoo… they’re all scanning your activity constantly. If a brand-new email account starts blasting out dozens of messages a day, alarms go off. To them, that screams “spam.”

Warm-up fixes that. By sending gradually, getting opens and replies, and looking more human in your behavior, you build a track record. Over time, providers start to recognize your account as safe and trustworthy. Only then do your messages stand a real chance of landing in the inbox where your prospects can actually read them.

It Lays the Groundwork for Deliverability

Skipping warm-up is like trying to plant seeds in dry soil—it just won’t stick. Even the best-written cold emails can vanish into spam if your sender reputation is shaky. With proper warm-up, you’re essentially preparing the soil so that when you do start sending real campaigns, your emails have the best chance to take root.

Warm-up gives you:

• Higher inbox placement rates (not spam or “promotions”).

• A growing sender reputation that compounds over time.

• Protection against blacklists that can kill your outreach overnight.

• Signals to ISPs that you’re a genuine sender, not a fly-by-night spammer.

It Buys You Valuable Time

Another underrated perk of warm-up is that it gives you a built-in window to get your cold email strategy polished. While your account is slowly ramping up, you can:

• Write and refine email templates that feel personal, not pushy.

• Do deeper research on your target audience.

• Segment prospects into groups for more relevant outreach.

• Test different subject lines and calls-to-action.

By the time your email account is fully warmed, you’re not scrambling—you’re prepared. You’ve got both a sender reputation that providers trust and a message strategy that prospects are more likely to respond to.

Final Thoughts

Email warm-up isn't just a technical trick; it's an opportunity to build trust.  You wouldn't yell your name when you first met someone; instead, you'd start small, show that you're real, and let trust blossom over time.  That's exactly what email warm up accomplishes.

By taking the time to warm up properly—whether manually or with the help of a tool—you protect your domain, improve your chances of landing in the inbox, and set yourself up for long-term success. More importantly, you make sure that the effort you put into writing your campaigns actually pays off, because your emails are being seen.

So if you’re serious about cold outreach or scaling your marketing, don’t skip this step. Warm-up may feel like a slow start, but it’s what makes sure your emails reach the right people when it really counts. In the world of email, patience and preparation aren’t optional—they’re the secret to lasting results.