b2b email deliverability - getting to the inbox

Download B2B Email Deliverability - Getting to the Inbox

Post on 08-May-2015




2 download

Embed Size (px)


by Chris Arrendale


  • 1. B2B & Corporate Email Filters Microsoft Cloudmark Postini SpamAssassin Measuring Reputation List Hygiene Bounce Management IP & Domain Authentication Whitelisting & Feedback Loops Key Points to Remember Helpful Links Data Metrics

2. Microsoft Forefront for Exchange Server9 levels of filtering (in order):1. Connection Filtering2. Sender Filtering3. Recipient Filtering4. Sender ID5. Content Filtering6. Sender Reputation7. Attachment Filtering8. Microsoft Forefront Protection (Antivirus package level)9. Outlook Junk Email Filtering 3. Cloudmark controls over 750,000 email boxes Some of the ISPs that rely on Cloudmark include: 163.com Cablevision Comcast Shaw.com Swisscom Millions of users all over the world feed Cloudmarksfingerprinting engine by voting on an email spamminess. Once identified as spam a fingerprint is created and stored tomatch future emails Small changes to an email will NOT be enough to slip by filters According to Cloudmark, spammers are becoming crafty and arestarting to model delivery after regular senders by sendingsmaller batches and modulating their connection rates andlengths. 4. Online based spam filtering application owned byGoogle with more than 26 million users. Global filter and User filter Has whitelist and blacklist Used by many B2B domains and corporations 5. Device used to detect and block spam Big on blocking due to spam traps, user complaints(from their network), and content. The Barracuda Networks spam firewall use a digitalFinger Print, built from the messages received by theirspam trap network to classify spam regardless of thecontents. Messages with the same images become easyto detect as all of these will have the same finger printand thus be easy to detect and filter. This is especiallycommon in legitimate email traffic as the sender is notmodifying the content or appearance of the image foreach message (or group of messages), this is a commontactic used by spammers. 6. Open source spam filter Right out of the box configuration for manydomains. Can be customized with many different rulesets and scores Example: Word = Orange (5 points) Anything over 4 points, dont allow into network 7. Return Path SenderScore Score from 0-100 that measures your overall reputation.This data is pulled from many different sources. https://senderscore.org/ Cisco SenderBase Online reputation by IP or domain. http://www.senderbase.org/senderbase_queries/rep_lookup McAfee TrustedSource Reputation check for the McAfee network. Can check IPor domain. http://www.trustedsource.org/en/feedback/checking 8. List hygiene Immediately remove invalid mailboxes Set up a soft bounce plan that works for your brand. List scrubbing Services that check for valid domains, emails, andpossible known spam traps. May help cut out many of the bad email addresses andspam traps you would send to. Spam traps Spam Traps are real email addresses. Often ISPs will take over abandoned email addresses andturn those into spam traps. Set up and monitored byblacklists. 9. A hard bounce is a permanent email delivery failure.Some reasons for a hard bounce would be sending toa mailbox that doesnt exist (bad mailbox) or adomain that doesnt exist (bad domain). A soft bounce is a temporary email delivery failure.Soft bounces can be caused by sending to a mailboxthats full or having an ISP temporarily block emailsbeing delivered from your IP due to reputation issues. Maintain a bounce rate of less than 10 percent, asrecommended by most major ISPs.The lower thenumber of hard bounces you receive, the better yourreputation. Dont retry sending to soft bounce addresses toosoon. Dont retry sending to soft bounce addresses toooften. 10. SPF Compliant SenderID Record IP based authentication Email authentication methods used to prevent spam and spoofing byvalidating that the sending IP address is authorized to send mail for thesending domain. SPF checks are performed on the (sub)domain found inthe Return-Path (Envelope From) email header, while Sender ID checks areperformed on the From, Sender, Resent-From, and Resent-Sender emailheaders. v=spf1 ip4: -all DKIM Builds your domain reputation. Creates a portable reputation Protects your brand against phishing and spoofing. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;s=gamma; h=mime-version:x-notifications:date:message-id:subject:from:to :content-type;bh=kV8k7QXhM6nPbY7LCyVktE57+gZQVtUnDef2dnvDgmk=;b=NvEKD8r8DBlkdAJ0PTFK1wSzzANB3xCZfE7HMBMloJvbn2viM8VQ7OaG6uRv5397TiFMqlRut+qZrosjSgljl6eZU6oJj/HMqIuwlqP8RXzvZ6HDWfxx2ujRayJd/1q+xU8S9P tSGjuCh1B8C3z31hpbvORNRUIsdYLBX7M8f6A= 11. Provider / ISP Name Offer Whitelisting Offer Feedback LoopAOL YesYesBlueTie (Excite)No YesComcast No YesCox No YesEarthlink No YesFastmailNo YesHotmail No YesOpenSRS No YesRackspace No YesRoadRunnerNo YesSynacor No YesUnitedYesYesUSA.net No YesVerizon YesYesYahoo YesYes 12. Rate limits Many B2B domains have connection and rate limits to theirnetwork to slow down the amount of emails they receive. Key is to send as slow as possible as many of these domainsdo not publish rate limits. Content Even for B2B senders, content is key. Filters still look at content, including many B2B filters. Add To Address Book Statement Local whitelisting Monitor Mailboxes abuse@, privacy@ and postmaster@ email addresses andrespond to serious inquiries. The Insider As I call them! Users who work at the domain you arecontacting that can help get your sending informationwhitelisted. 13. User Engagement - Recipient behavior is what the recipientdoes with the mail once it is delivered. If the recipient clicks onthe abuse button or deletes the message without ever readingthe message this will negatively impact future mailings.Opens/clicks and moving mail from the bulk folder to the inboxprovide the best impact towards improving IP reputation IP Reputation Monitoring IP reputation from various sourceswill provide an overall view of how you look to the rest of theInternet. This includes SenderScore, TrustedSource, SenderBaseand others. Ramp up For large clients we recommend ramping upvolume until the full list is reached. Because of mailbots (mailzombies ) the ISPs are looking at sudden spikes of volume fromnew or existing IP addresses. Data Protection Always make sure that your subscribersdata is kept safe and secure. 14. Corporate Blacklists and Spam Filters Fortiguard Antispam from Fortinet -http://www.fortiguard.com/antispam/antispam.html Sophoslabs - http://www.sophos.com/security/ip-lookup Symantec Brightmail -http://www.symantec.com/business/security_response/landing/spam/index.jsp Cisco IronPort SenderBase - http://www.senderbase.org/ Barracuda - http://www.barracudacentral.org/lookups/ip-reputation McAfee TrustedSource - http://www.trustedsource.org/ Proofpoint - https://support.proofpoint.com/rbl-lookup.cgiPostmaster Links: Yahoo - http://help.yahoo.com/l/us/yahoo/mail/postmaster Gmail - https://mail.google.com/support/bin/answer.py?answer=81126 Hotmail - https://postmaster.live.com/ AOL - http://postmaster.info.aol.com/Deliverability Links: Deliverability.com Blog http://blog.deliverability.com Cloudmark Blog - http://blog.cloudmark.com/ Gmail Status Dashboard - http://www.google.com/appsstatus#hl=en Email Marketing Reports - http://www.email-marketing-reports.com/deliverability/ ReturnPath Deliverability Blog -http://www.returnpath.net/blog/emaildeliverability/ Real Magnet Blog - http://blog.realmagnet.com/ Authentication & Spam Check Test -http://www.port25.com/corporate/corp_news_authenticator.html 15. 1 spam trap can cause your SenderScore todrop 20 points Yahoo accepts only 1 out of 8 emails 47% of subscribers use the "spam" button tounsubscribe 77% of marketers experience emails beingdiverted to the spam folder Many URL shorteners are on blacklists. Dontuse them!