b2b email deliverability - getting to the inbox
DESCRIPTION
by Chris ArrendaleTRANSCRIPT
B2B & Corporate Email Filters ◦ Microsoft ◦ Cloudmark ◦ Postini ◦ SpamAssassin
Measuring Reputation List Hygiene Bounce Management IP & Domain Authentication Whitelisting & Feedback Loops Key Points to Remember Helpful Links Data Metrics
Microsoft Forefront for Exchange Server
9 levels of filtering (in order):
1. Connection Filtering
2. Sender Filtering
3. Recipient Filtering
4. Sender ID
5. Content Filtering
6. Sender Reputation
7. Attachment Filtering
8. Microsoft Forefront Protection (Antivirus package level)
9. Outlook Junk Email Filtering
Cloudmark controls over 750,000 email boxes Some of the ISP's that rely on Cloudmark include:
163.com Cablevision Comcast Shaw.com Swisscom
Millions of users all over the world feed Cloudmark’s fingerprinting engine by voting on an email “spamminess”.
Once identified as spam a fingerprint is created and stored to match future emails
Small changes to an email will NOT be enough to slip by filters According to Cloudmark, spammers are becoming crafty and are
starting to model delivery after regular senders by sending smaller batches and modulating their connection rates and lengths.
Online based spam filtering application owned by Google with more than 26 million users.
Global filter and User filter
Has whitelist and blacklist
Used by many B2B domains and corporations
Device used to detect and block spam
Big on blocking due to spam traps, user complaints (from their network), and content.
The Barracuda Networks spam firewall use a digital Finger Print, built from the messages received by their spam trap network to classify spam regardless of the contents. Messages with the same images become easy to detect as all of these will have the same finger print and thus be easy to detect and filter. This is especially common in legitimate email traffic as the sender is not modifying the content or appearance of the image for each message (or group of messages), this is a common tactic used by spammers.
Open source spam filter
Right out of the box configuration for many domains.
Can be customized with many different rule sets and “scores”
Example: ◦ Word = Orange (5 points)
◦ Anything over 4 points, don’t allow into network
Return Path SenderScore ◦ Score from 0-100 that measures your overall reputation.
This data is pulled from many different sources.
◦ https://senderscore.org/
Cisco SenderBase ◦ Online reputation by IP or domain.
◦ http://www.senderbase.org/senderbase_queries/rep_lookup
McAfee TrustedSource ◦ Reputation check for the McAfee network. Can check IP
or domain.
◦ http://www.trustedsource.org/en/feedback/checking
List hygiene ◦ Immediately remove invalid mailboxes ◦ Set up a soft bounce plan that works for your brand.
List scrubbing ◦ Services that check for valid domains, emails, and
possible known spam traps. ◦ May help cut out many of the bad email addresses and
spam traps you would send to.
Spam traps ◦ Spam Traps are real email addresses. ◦ Often ISPs will take over abandoned email addresses and
turn those into spam traps. Set up and monitored by blacklists.
A hard bounce is a permanent email delivery failure. Some reasons for a hard bounce would be sending to a mailbox that doesn’t exist (bad mailbox) or a domain that doesn’t exist (bad domain).
A soft bounce is a temporary email delivery failure. Soft bounces can be caused by sending to a mailbox that’s full or having an ISP temporarily block emails being delivered from your IP due to reputation issues.
Maintain a bounce rate of less than 10 percent, as recommended by most major ISPs.The lower the number of hard bounces you receive, the better your reputation.
Don’t retry sending to “soft bounce” addresses too soon.
Don’t retry sending to “soft bounce” addresses too often.
SPF Compliant SenderID Record ◦ IP based authentication ◦ Email authentication methods used to prevent spam and spoofing by
validating that the sending IP address is authorized to send mail for the sending domain. SPF checks are performed on the (sub)domain found in the Return-Path (Envelope From) email header, while Sender ID checks are performed on the From, Sender, Resent-From, and Resent-Sender email headers.
◦ v=spf1 ip4:209.19.23.12 -all
DKIM ◦ Builds your domain reputation. ◦ Creates a portable reputation ◦ Protects your brand against phishing and spoofing. ◦ DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=gamma; h=mime-version:x-notifications:date:message-id:subject:from:to :content-type; bh=kV8k7QXhM6nPbY7LCyVktE57+gZQVtUnDef2dnvDgmk=; b=NvEKD8r8DBlkdAJ0PTFK1wSzzANB3xCZfE7HMBMloJvbn2viM8VQ7OaG6uRv5397Ti FMqlRut+qZrosjSgljl6eZU6oJj/HMqIuwlqP8RXzvZ6HDWfxx2ujRayJd/1q+xU8S9P tSGjuCh1B8C3z31hpbvORNRUIsdYLBX7M8f6A=
Provider / ISP Name Offer Whitelisting Offer Feedback Loop
AOL Yes Yes
BlueTie (Excite) No Yes
Comcast No Yes
Cox No Yes
Earthlink No Yes
Fastmail No Yes
Hotmail No Yes
OpenSRS No Yes
Rackspace No Yes
RoadRunner No Yes
Synacor No Yes
United Yes Yes
USA.net No Yes
Verizon Yes Yes
Yahoo Yes Yes
Rate limits ◦ Many B2B domains have connection and rate limits to their
network to slow down the amount of emails they receive. ◦ Key is to send as slow as possible as many of these domains
do not publish rate limits.
Content ◦ Even for B2B senders, content is key. ◦ Filters still look at content, including many B2B filters.
Add To Address Book Statement Local whitelisting
Monitor Mailboxes ◦ abuse@, privacy@ and postmaster@ email addresses and
respond to serious inquiries.
“The Insider” ◦ As I call them! Users who work at the domain you are
contacting that can help get your sending information whitelisted.
User Engagement - Recipient behavior is what the recipient does with the mail once it is delivered. If the recipient clicks on the abuse button or deletes the message without ever reading the message this will negatively impact future mailings. Opens/clicks and moving mail from the bulk folder to the inbox provide the best impact towards improving IP reputation
IP Reputation – Monitoring IP reputation from various sources will provide an overall view of how you look to the rest of the Internet. This includes SenderScore, TrustedSource, SenderBase and others.
Ramp up – For large clients we recommend ramping up volume until the full list is reached. Because of mailbots (mail zombies ) the ISPs are looking at sudden spikes of volume from new or existing IP addresses.
Data Protection – Always make sure that your subscriber’s data is kept safe and secure.
Corporate Blacklists and Spam Filters Fortiguard Antispam from Fortinet -
http://www.fortiguard.com/antispam/antispam.html Sophoslabs - http://www.sophos.com/security/ip-lookup Symantec Brightmail -
http://www.symantec.com/business/security_response/landing/spam/index.jsp Cisco IronPort SenderBase - http://www.senderbase.org/ Barracuda - http://www.barracudacentral.org/lookups/ip-reputation McAfee TrustedSource - http://www.trustedsource.org/ Proofpoint - https://support.proofpoint.com/rbl-lookup.cgi Postmaster Links: Yahoo - http://help.yahoo.com/l/us/yahoo/mail/postmaster Gmail - https://mail.google.com/support/bin/answer.py?answer=81126 Hotmail - https://postmaster.live.com/ AOL - http://postmaster.info.aol.com/ Deliverability Links: Deliverability.com Blog – http://blog.deliverability.com Cloudmark Blog - http://blog.cloudmark.com/ Gmail Status Dashboard - http://www.google.com/appsstatus#hl=en Email Marketing Reports - http://www.email-marketing-
reports.com/deliverability/ ReturnPath Deliverability Blog -
http://www.returnpath.net/blog/emaildeliverability/ Real Magnet Blog - http://blog.realmagnet.com/ Authentication & Spam Check Test -
http://www.port25.com/corporate/corp_news_authenticator.html
1 spam trap can cause your SenderScore to drop 20 points
Yahoo accepts only 1 out of 8 emails
47% of subscribers use the "spam" button to unsubscribe
77% of marketers experience emails being diverted to the spam folder
Many URL shorteners are on blacklists. Don’t use them!