Salesforce Experience

Ivan Razine

Blog owner of, SFMC Developer at ENGIE Electrabel, Brussels, 36 y.o.

My journey with Salesforce Marketing Cloud (SFMC) has started almost 3 years ago.

I used to be a Consultant. After about 1.5 years working for my first client, ENGIE Electrabel, I applied for an internal position at ENGIE and was accepted. I was happy to have this position as it opened many doors and eventually allowed me to become a Marketing Cloud developer in the Marketing and Sales department.

I haven’t learned IT, I am a Graphic Designer.

When I was studying, I first believed I’d become a French-Russian conference interpreter. When that dream failed, I started studying to be a Graphic Designer and thought my work will always be related to Photoshop and Illustrator. Then, my interest shifted towards creating website designs and Adobe Flash animations and games. Eventually I’ve learned jQuery to make my websites more dynamic.

My first idea was to start a YouTube channel, but getting a demo Marketing Cloud account for someone who’s not a Salesforce partner turned out to be impossible at that time.

I’ve created my blog out of anger.

The anger directed at the poor, incomplete and sometimes incorrect official documentation. I had no lucrative goals in mind. I just wanted to share my findings with the developers who were struggling as much as I did.

When I’ve started to work with SFMC and touched scripting topics, there very few helpful resources and some of the scripting code in the official Salesforce documentation had bugs. I tested on my own first and then created a collection of code snippets just for me. Then, I started sharing them on internal Wiki to help my colleagues and after some time, I realized that I wanted more people to know about my findings. This is how my blog came to be.

I wanted to improve my own skills whereas help others to know the real use case scenarios.

The best of what I’m making, I’m not posting on my blog. The goal of my blog is to provide the developers with enough knowledge to figure out things for themselves. Blunt copy-pasting is the enemy of learning.

My main benefit from the blog is that people know my name across the Globe, from the US till Australia. The rest is a bonus.

If I have a complex technical question and I can’t figure out the answer on my own, I try to contact Sascha Huwald for answers, as he’s more skilled than me in both security and code related questions. For everything related to AMPscript, Eliot’s website is my absolute reference.

The most of time I am using Google and YouTube as my biggest allies for finding answers.

But I know nothing about it… Ok, I will go and learn about that.

Greg Poirier (CEO of CloudKettle) contacted me and we agreed to collaborate, either in writing or podcast formats. The topic Greg and his team chose was related to Marketing Cloud Security and since my knowledge about web security was next to zero, I was hesitant to accept. In order to acquire more knowledge, I contacted my company’s security team, which lead me to be accepted as a member of the Security Guild, where I could learn and ask whatever question I had about security. As a result, I was eventually asked to make a department-wide presentation about one of the most asked about topics: cookie security. After that session I felt confident enough to speak externally about security-related topics and share my knowledge with the others. As Eliot just joined CloudKettle, he asked me if I was interested to make a webinar together and I immediately accepted. Later on, after the video was released, Guilda Hilaire asked Eliot and me to do the same for LookUp Answers. And this is how all of it came to be.

Before my first LookUp session I thought I would cover everything I had to say in about 20 minutes, but it turned out that I could speak for an additional hour, as I’ve prepared a lot of material to share with the Community.

The idea about reCAPTCHA articles came with a situation, when we started to receive a lot of records created by the SPAM bots through the web forms. Interestingly, most of the data was having the surname ‘Smith’.

I was asked on LookUp Answers how to use reCAPTCHA v3 but I didn’t have the answer. So, the content for my next article was immediately chosen.

Bots are seeking for the most used fields: first name, last name, email. To prevent these bots from creating a record through a cloud page form, we can hide those fields with CSS and make a condition in the code: if these fields are filled out, then don’t send the data to the data extension. For the real fields, the naming could be used in a different way: customer first name, customer last name, email of a customer, etc. This technique is called Honeypot and is easier to implement than reCAPTCHA, but it won’t help against more advanced bot attacks.

JavaScript made a huge progress in the past years, jQuery is not needed anymore.

I am very strong in email building. Today and at my demand, every SFMC email that goes out my company, goes through my Quality Control.

Outlook 2016 is the weirdest Outlook that exists. It’s an enemy to any email.

I liked Pardot very much. But then Marketing Cloud came into my life.

Apparently in Belgium, I’m one of the few people who have a vast experience and deep knowledge in creating responsive HTML emails. One company wanted to hire me because of this particular skill. I’ve spent two hours during the interview, speaking only about emails. Eventually, I learned that my profile was very hard to find.

Some HTML elements are not recommended for use in HTML email, like h1, h2, p, etc. TD tags are the best tags to keep your inline styling, as they will look the same across all the platforms.

Working with code is stressful. Sometimes the code doesn’t work, and you ask yourself what’ wrong here. Then, you see that you forgot to put one bracket.

The problem comes when a person sees the code for the first time. To have an eye for the code took me almost two years of practicing. Before I needed to squint and try to analyze what’s written in the code. Now I’m reading it like in the movie Matrix.

Marketing is a theory. Sometimes it works, and you know why. Sometimes it works, but you have no idea why.

A/B testing is a doubtful practice. The key is audience segmentation. Based on different terms: living standard, age, product preference, etc.

My successful strategy is to inform a client at each stage of development even during the earliest one. Every change made on each stage takes me less time to amend, whereas if the same change would be made in the very end it will take far more time.

Perfectionism needs to die.

I was taught a Pareto rule (80/20) that helps me a lot right now: with 80% of work you will succeed, everything above that will need much more time and energy. The result and revenue in both cases won’t have a big difference. That’s what I learned when I was working for an e-commerce.

Begin immediately and fast.

Then it will become easier to handle things. Before, writing one article took me up to 1-2 days, now I can make one in 3-4 hours.

To start with something, you need to have a clear idea. In my case the idea was to fill the gap in missing documentation of SSJS and AMPscript.

For those who is starting a career with SFMC, I would recommend being a part of the Community. It’s very easy. If a person sits all the time in Facebook, he/she could also visit LinkedIn and read some interesting content and informative article there.

The most of valid information is free: webinars, blogs. Just open, read, listen, and learn.

From the technical Marketing Cloud perspective, bloggers helped me a lot!

I’ve developed an app that works in Marketing Cloud and performs a search and replace for a certain word across all the blocks of the Content Builder. The issue that led to such development was a request for a change in the base URL of some images that were scattered across thousands of HTML blocks. This app saved us several weeks of manual work.

I like this feeling that I made some contribution in Marketing Cloud information base.

My blog gives an inspiration and sometimes a kick for some people to start their own blogging activity.

Providing professional trainings was my idea for this year, but the COVID19 health crisis changed all my plans.

When the quarantine has started in Belgium, our offices were closed and everyone at Marketing and Sales started to work from home. The result was an important increase in productivity and since then, the management is considering letting more people working remotely.

The most important is to have some activity that you love. I can code for a long period of time and it never exhausts me.

This year I’ve started learning Vue.js, with which new interesting possibilities with Marketing Cloud forms are opened.

I have a tradition, every year during New Year holidays I fly to Moscow to visit my relatives, this year unfortunately it won’t happen.

All my dreams came true this year. All the goals were met. When you love what you’re doing and you know it well, then everything works out eventually and the doors start opening themselves. When you are good at your craft, people will notice.

SFMC Admin

Multi-Factor Authentication

You’ve probably noticed a pop-up message that appears from the recent times once you login into your Marketing Cloud instance telling you to enable Multi-Factor Authentication aka MFA. Why should you enable it? How to do this? You will get all needed information in this article.

Currently having MFA enabled is optional but will turn mandatory in the near future. So, better get ready.

Security in SFMC 

Let’s take a few steps back before we make a deep dive into MFA and speak about SFMC Security in general. 

Marketers currently work in highly personalized digital marketing landscape and Data Security is a crucial topic, while security comes into responsibility for everyone. Not only the service provider should ensure its solution is secure, but it is also customer’s responsibility to know the security aspects of working with data and being compliant with the recent security standards. 

Marketing Cloud has its own best practices to prevent common security threats such as credential or data loss/theft, phishing attacks, brute force. Amongst those best practices are: 

  • Roles and permissions 
  • Data Encryption (data-in-transit; data-at-rest* (paid add-on feature))
  • Data Retention policies 
  • Content Approval process 
  • SSL Certificates
  • Tenant specific endpoint 
  • SSH File Transfer Protocol
  • IP allow listing 
  • Identity verification (automatically replaced by MFA) 
  • SAML 2.0 SSO (single sign-on) 
  • Audit Trail 
  • Multi-Factor Authentication 
  • Loyal admin 

MFA adds another layer of protection to enhance SFMC login process. A user can successfully login into SFMC instance with passing two-step authentication: providing credentials (username and password), and also by additional verification method. There are in total three of them: 

  1. Salesforce Authenticator mobile app 
  2. Third-Party Authenticator app (TOPT) – Authy, Microsoft Authenticator, Google Authenticator 
  3. Security key (one type) – Yubico’s YubiKey, Google’s Titan Security Key 

Calls, SMS or email verification methods are not allowed for MFA. 


  • Enterprise accounts allow MFA enablement at the top-level account in the tenant. BUs can only view the settings. 
  • SFMC SAML 2.0 SSO is not compatible with MFA, so MFA should be still enabled as an extra safeguard. 
  • Multiple MFA Verification Methods are possible (Salesforce Authenticator + one type of Security Key + one type of TOPT Authenticator App), in case only one method per verification method type is registered. 

MFA Enablement 

Only SFMC Admin could enable MFA.  

First step is to click ‘Get Started’ at the pop-up message which appears after you log in to SFMC instance. 

Marketing Cloud will send a verification code to email address associated with your SFMC user. This code should be pasted in the field and verified.  

Then, you will have a choice of authentication methods available. 

For Salesforce Authenticator: 

  • You need to download and install the app from the Apple Store or Google Play. 
  • In the app select Add an Account option, then a two-word phrase will be displayed. 
  • Click in SFMC to connect the account to SF Authenticator and put the phrase from the app in the displayed field. 
  • Once the request is submitted, both sides should be connected. 
  • Now you can use the app for MFA to approve your logins in SFMC. 

For Security Key: 

  • Connect the Security key to your device and click Register. 
  • Give your security key a name. 
  • Save the setup. 

For Third-Party Authenticator App: 

  • You need to download and install a time-based one-time password (TOTP) authenticator app on your mobile device. 
  • Open the TOTP authenticator app and add an account. 
  • Use the authenticator app to scan the QR barcode that’s displayed on the Connect an Authenticator App screen.  
  • Another option is to manually generate your security key and enter it in the authenticator app. 
  • Enter the key and both sides should be connected. 

You can now log in to your Marketing Cloud account with your password and the value provided by your authentication method. 

All MFA events are logged in SFMC. You can find them in Setup -> Multi-Factor Authentication ->View MFA Events. 

Start using the new MFA Marketing Cloud feature and follow security best practices to build a comprehensive security controls for your marketing platform. 


Official Salesforce MFA Documentation 

Marketing Cloud Security Guide 

Marketing Cloud Security Trailhead 

Personalization Strategy

Personalization Strategy: How you should define one

As digital marketeers, we notice the shift from pushing general content and non-personalized campaigns to delivering personalized experiences and understanding what our customers want. One-to-one personalization is the approach that will give you competitive advantage right now and, in the future, will be a ‘must’ for all companies dealing with the customers. It is bound up in cross-channel strategy and in an integrated view on the customer.

Let’s dive a bit deeper to understand personalization strategy and how to start planning it.

No matter how big or small your company is, customer-centric marketing approach could be right for you. Personalization strategy is not something that can happen overnight. Like any other business initiatives, it should start with the purpose and the value of a process, its comprehensive definition and potential benefits it could bring, team assignment, KPIs, stakeholders, etc. Strategic perspective means you consider this initiative to be a long-term one. An approach to achieve a quick win is certainly possible, where you can build small simple personalized campaigns to get the results and see performance in a short-term period, but in order to achieve bigger goals and move on a higher level, you should define a clear personalization strategy.

If you are already delivering some personalized experience to your customers, it should be considered in your personalization strategy with consideration of its extension. If there is no one in place, an initial research should be held with a roadmap where you state how your new personalization initiatives will be built and developed based on already existing processes, and also how they are rolled out in your main business and marketing strategy.

Each strategy should have its clear goals and measurement of success. Remember, “you can’t manage if you can’t measure”. Some common goals to achieve are improving the conversion rate, increasing retention, reducing the bounce rate, increasing average order value, etc. Your company might face some specific challenges that personalization initiative could support. You should think of that to get a clear overview of any problematic point that you want to address.

The answers for the questions you prepare about your future personalization strategy will lay in the data you have. Your data could tell you a very impressive and long story about your customers, about your opportunities and pain points. Continue with data analysis to find new areas for improvement. Poor data analysis will bring you to poor personalization insights, so pay high attention to it.

To deliver personalized experience it is essential to have the right technology to support it. There are plenty of personalization platforms and tools on the market to choose from. But, obviously, I will sing my praises to a leader in 1-to-1 personalization –  Salesforce Interaction Studio (previously Evergage). This customer data platform (CDP) has joined the Salesforce family in February 2020. Supported by white box machine learning (ML) algorithm (Contextual Bandit), it enables B2C and B2B companies to leverage industry-learning ML to automatically determine and deliver the optimal offer, promotion, image, action or complete experience to individual website visitors, application users and email recipients. In my next series of articles dedicated to personalization, I will uncover further functionalities and campaign building aspects with the new Salesforce Interaction Studio.

Last but not least, a crucial component for planning a personalization strategy is the Team. There should be dedicated roles for selected individuals who will support the strategy on ongoing basis. Main Personalization Team responsibilities will include planning and managing the personalization campaign calendar, design of personalization experiences, its testing and support, etc.

Planning, maintaining and evaluating personalization strategy is a big deal which will bring you big results. Establishing one will create significant competitive advantages for your company. On the other hand, “businesses that fail to provide personalized experiences to their customers will be at a disadvantage. So it’s time to invest in personalization now.”

Story to be continued.

P.S. Inspired by an empowering book ‘One-to-one Personalization in the Age of Machine Learning’ by Karl Wirth and Katie Sweet, Evergage, Inc.

Journey & Automation

Meet SFMC Behavioral Triggers


Behavioral Triggers start from Behavioral Marketing or Behavioral Targeting – the way you reach out your customers using their past actions and behavior. As examples could serve running a specific targeted ad campaign for a precise audience segment, real-time product/service/article recommendations on your web showed to a visitor, retargeting ads, and others.

Once a customer completes an action – submits a form, clicks on an email link, abandons cart, or makes a purchase – it could be sent through a specific funnel, or a marketing journey. All who have experience with SF Marketing Cloud already know how to setup a Journey and guide a customer through a personalized flow. From the Marketing Cloud July 2020 Release there is currently available another supportive tool, called Behavioral Triggers.


This new feature works together with Predictive and Personalized Recommendations (Einstein Recommendations). The users of Personalization Builder (Author’s note: The Builder itself is retired and migrated to Einstein features) are familiar with them.

  1. Firstly, you configure Collect Tracking Code and install it on your website. It is a JavaScript snippet to capture your known customers and anonymous visitors’ behavior and events at the user level on your web pages.
  2. Secondly, you configure your catalog source – a Product Catalog. Items in your catalog should be uploaded or streamed to determine which product recommendations to show in the emails or web.

Once all prerequisites are met you can start creating your Behavioral Triggers. Each trigger will be used to write engagement data about customers’ actions to a specific target Data Extension. Actions that could be tracked are simple browser session, cart abandonment, customer’s lapse, subscription to a newsletter, sign up, content view/download, click-throughs, etc. When creating Behavioral Trigger, you can set the suppression period and suppression rule time frame. All created Triggers are available in Behavioral Triggers dashboard. You can edit, pause, and resume the triggers.


With Behavioral Triggers you can use behavioral data written into Data Extensions in journeys and emails:

  • In Journey Builder Behavioral Trigger Data Extensions could be used as a Data Extension entry source.
  • In Content Builder emails subscriber’s abandoned items can be dynamically added by using Behavioral Triggers content block (see email content block configuration below).


To raise your open, click-through and conversion rate you need to consider one of 3 popular retargeting strategies: email retargeting. Behavioral Trigger configured for a cart abandonment process will be a perfect match. Abandoned products could be included into email content and cart abandoned audience will be used as an Entry Source for the Journey. This highly personalized behavioral campaign will help you to recover the purchases and increase sales.

SFMC Email

Interactive Email Form Block Discovery

Innovative, engaging and interactive email form blocks are live in Salesforce Marketing Cloud Content Builder since March 2020 Release. The form enables marketers to easily build interactive form that rendering in the customer’s inbox. When the form is submitted, data is written to a Data Extension and the customer is landed on a specifically created CloudPage to see some Thank You content.

Which use cases are supported by an interactive form block?

Almost any that come into your mind. You can either start from scratch, create a review from already prepared template, update subscriber’s profile with progressive profile form, or present some variations of a case or lead form for Salesforce data integration.

What assets are needed to build an interactive email form:

  1. CloudPage – there is a new type available called Interactive Email Page. If the general Cloud Page is created, you will not see the one in CloudPages Destination drop down list.
  1. Data Extension – in the second step of a form creation you have selection of your response capture. It could be already existent Data Extension, or the one you let create automatically when the form is created.
  2. Fallback Content – here it is important to grab your attention: not all email clients support interactive forms. That is why you need to think about your fallback state, that will be displayed in that worse case. This could be a button that links to the form on the CloudPage, for instance. Or, you can also choose to show nothing.

From the technical perspective the form itself is built with the help of AMPscript.  

VAR @CPID, @deExtKey, @encodedDeExtKey, @CPURL, @qsStart, @qsValueStart, @qsValue, @unmappedFields
SET @CPID = “2516”
SET @deExtKey = “018FF1D8-AA54-4163-AE62-C352D946ACEA”
IF (@CPID == “undefined”) AND (@deExtKey == “undefined”) THEN
RaiseError(“Please select a CloudPage and Data Extension and assign all fields to data attributes on the Interactive Email Form Block.”)
ELSEIF (@CPID == “undefined”) THEN
RaiseError(“Please select a CloudPage on the Interactive Email Form Block.”)
ELSEIF (@deExtKey == “undefined”) THEN
RaiseError(“Please select a Data Extension and assign all fields to data attributes on the Interactive Email Form Block.”)
SET @encodedDeExtKey = URLEncode(@deExtKey,1,1)
SET @CPURL = CloudPagesURL(@CPID,’ic_deN’,@encodedDeExtKey)
SET @qsStart = IndexOf(@CPURL,’?’)
SET @qsValueStart = Add(@qsStart, 4)
SET @qsValue = Substring(@CPURL, @qsValueStart)
VAR @linkToClickCode, @link2C, @regexPattern, @trackedClickLink
SET @linkToClickCode = ‘Interactive Email Form Submit
SET @link2C = TreatAsContentArea(“submitTrackingClick”, @linkToClickCode)
SET @regexPattern = ‘href=”(.+?)”‘
SET @trackedClickLink = RegExMatch(@link2C, @regexPattern, 1)

You can recognize @CPID as a CloudPage ID, @deExtKey as a Target Data Extension for the Response Capture, and other technical parameters to raise an error in case unexpected error occur (RaiseError), to link to a CloudPage with encrypted values (@CPURL), etc.

What you can see from the User Interface is simple drag&drop options, that make it easier to select CloudPage response capture, right type of field for the form, design of the elements, etc.

For the input capture you have plenty of options available.

You can also use hidden fields to pass information you already know behind the scenes. These fields could be passed in AMPscript format, for example %%=v(@value)=%%. Don’t forget to define this ‘value’ in the block before the form, for example:

set @value = AttributeValue(“value”)

For the rating option, you are limited to present ‘star’ images. But there are available several special workaround options.

First simple option is to use ‘Button Single Choice’ as an input choice. You can then amend the buttons in Design Tab.

The second option is more global. In case you want to add some customizations to your form, you can copy the raw code of the form that is available in the Code View Tab and amend it on a side accordingly. Then paste back to the email as an HTML block. Don’t forget to test the form carefully then! 😊

Need more info?

Check official documentation that covering how to create an interactive email page, form block and having FAQ section.

There is a Trailhead module created especially to explain how interactive email can improve your marketing strategies.

You can also ask me directly writing an email to or in Twitter.